Need Help removing DOSEARCHES

Status
Not open for further replies.
J

JD the DJ

New member
This malware was unable to be removed by MBAM, Spybot or SAS.

DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.45.2
Run by Dana at 19:08:18 on 2013-11-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3687.2579 [GMT -7:00]
.
AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: ZoneAlarm Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com
uDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: Zonealarm Helper Object: {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Dragon NaturallySpeaking Rich Internet Application Support - Extension: {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieshim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Steganos Password Manager Toolbar: {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 2012\SPMIEToolbar.dll
TB: ZoneAlarm Security Toolbar: {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll
TB: Steganos Password Manager Toolbar: {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 2012\SPMIEToolbar.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [MSGTAG] "C:\Program Files (x86)\MSGTAG\MSGTAG.exe" /startup
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -update activex
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun: [Update 5300C] C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan\update.exe 5300C+
mRun: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE"
mRun: [PaperPort PTD] c:\progra~2\scansoft\paperp~1\pptd40nt.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\Dana\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk.disabled
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Copy to &Lightning Note - c:\Program Files (x86)\Corel\WordPerfect Lightning\Programs\WPLightningCopyToNote.hta
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {024538B9-3F39-49FF-9503-975F743210FA} - {9C65D12D-CF9D-454d-8049-61965D8C6FFF}
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{5CB20EBE-68F5-4056-9AEB-9486E27E68D3} : DHCPNameServer = 192.168.0.1 205.171.3.25
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\optimi~1\optpro~1.dll
SSODL: WebCheck - <orphaned>
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-mSearch Page = hxxp://www.google.com
x64-mDefault_Page_URL = hxxp://www.google.com
x64-mDefault_Search_URL = hxxp://www.google.com
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-RunOnce: [GrpConv] grpconv -o
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3015261&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Mysearchdial
FF - prefs.js: browser.startup.homepage - hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=567981372&ir=
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3015261&SearchSource=2&CUI=UN47010554705404406&UM=&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Dana\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\extensions\{3ce45c4f-bfff-4988-9a3c-a75c1f491319}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\extensions\{3ce45c4f-bfff-4988-9a3c-a75c1f491319}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-11-07 13:47; firefox@batbrowse.com; C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\extensions\firefox@batbrowse.com.xpi
FF - ExtSQL: 2013-11-09 20:02; {ad9a41d2-9a49-4fa6-a79e-71a0785364c8}; C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.zonealarm_i.newTab - false
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.5.24.420:50:28
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.hpOld0 - hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=a8173ec17d69495397e8888238e70ea4&tu=10GX0007q2B000v&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?src=tb&tbid=goughGA&Lan={dfltLng}&gu=a8173ec17d69495397e8888238e70ea4&tu=10GXz00Aw2C01g0&sku=&tstsId=&ver=&&q=
FF - user.js: extensions.zonealarm.id - 18055e8f000000000000e840f2e0f4fd
FF - user.js: extensions.zonealarm.appId - {C56C48A0-DA4E-46F6-9859-1553DC865F84}
FF - user.js: extensions.zonealarm.instlDay - 16018
FF - user.js: extensions.zonealarm.vrsn - 1.8.22.0
FF - user.js: extensions.zonealarm.vrsni - 1.8.22.0
FF - user.js: extensions.zonealarm.vrsnTs - 1.8.22.09:19:17
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1025
FF - user.js: extensions.zonealarm.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - goughGA
FF - user.js: extensions.zonealarm.instlRef - ZLN113883604008443-1001
FF - user.js: extensions.zonealarm.dfltLng - en
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.ffxUnstlRst - false
FF - user.js: extensions.zonealarm.admin - false
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm.rvrt - false
FF - user.js: extensions.zonealarm.hmpg - true
FF - user.js: extensions.zonealarm.hmpgUrl - hxxp://search.zonealarm.com/?src=hp&tbid=goughGA&Lan=en&gu=a8173ec17d69495397e8888238e70ea4&tu=10GXz00Aw2C01g0&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm.dfltSrch - true
FF - user.js: extensions.zonealarm.srchPrvdr - Search By ZoneAlarm
FF - user.js: extensions.zonealarm.kw_url - hxxp://search.zonealarm.com/search?src=sp&tbid=goughGA&Lan=en&gu=a8173ec17d69495397e8888238e70ea4&tu=10GXz00Aw2C01g0&sku=&tstsId=&ver=&&q=
FF - user.js: extensions.zonealarm.dnsErr - true
FF - user.js: extensions.zonealarm.newTab - true
FF - user.js: extensions.zonealarm.newTabUrl - hxxp://search.zonealarm.com/?src=nt&tbid=goughGA&Lan=en&gu=a8173ec17d69495397e8888238e70ea4&tu=10GXz00Aw2C01g0&sku=&tstsId=&ver=&
FF - user.js: extensions.mysearchdial.hmpg - true
FF - user.js: extensions.mysearchdial.hmpgUrl - hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=567981372&ir=
FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false
FF - user.js: extensions.mysearchdial.newTabUrl - hxxp://start.mysearchdial.com/?f=2&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=567981372&ir=
FF - user.js: extensions.mysearchdial.tlbrSrchUrl - hxxp://start.mysearchdial.com/?f=3&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=567981372&ir=&q=
FF - user.js: extensions.mysearchdial.id - E840F2E0F4FD5E8F
FF - user.js: extensions.mysearchdial.instlDay - 16018
FF - user.js: extensions.mysearchdial.vrsn - 1.8.21.0
FF - user.js: extensions.mysearchdial.vrsni - 1.8.21.0
FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.21.019:1:37
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - irmsd103
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef -
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial_i.hmpg - true
FF - user.js: extensions.mysearchdial.cr - 567981372
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA
FF - user.js: extensions.irmysearch.aflt - irmsd103
FF - user.js: extensions.irmysearch.instlRef -
FF - user.js: extensions.irmysearch.cr - 567981372
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2012-5-16 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2012-5-16 40064]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-10-10 144152]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-5-16 169584]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-5-16 47232]
S0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-5-16 204288]
S2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2011-8-16 16384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
S2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2012-7-18 310232]
S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
S2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-16 682040]
S2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-19 701512]
S2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-5-16 1128952]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-10-25 1153368]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2013-10-15 50704]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-19 25928]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 139616]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-11-19 31800]
S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
S3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
S3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-7-29 16152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-14 1255736]
S4 70e6ca8c;Optimizer Pro Crash Monitor;"c:\progra~2\optimi~1\OptProCrash.exe" --> c:\progra~2\optimi~1\OptProCrash.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
ShellExec: LightningViewer.exe: View="c:\Program Files (x86)\Corel\WordPerfect Lightning\Programs\LightningNavigator.exe" "-ViewDocument" "%1"
.
=============== Created Last 30 ================
.
2013-11-20 01:46:26 -------- d-----w- C:\Users\Dana\AppData\Local\VS Revo Group
2013-11-20 01:46:17 -------- d-----w- C:\ProgramData\VS Revo Group
2013-11-20 01:46:16 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
2013-11-20 01:46:13 -------- d-----w- C:\Program Files\VS Revo Group
2013-11-19 22:06:53 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-11-19 22:06:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-12 11:59:46 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A5F52F51-A0ED-45A6-821B-9C2FF688FE6A}\mpengine.dll
2013-11-12 02:37:18 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-12 02:05:37 -------- d-----w- C:\Users\Dana\AppData\Local\DoNotTrackPlus
2013-11-10 19:25:25 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-10 19:25:25 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-10 19:25:25 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-10 19:25:25 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-10 19:25:24 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-10 19:25:24 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-10 19:25:24 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-10 04:32:02 0 ----a-w- C:\Windows\SysWow64\shoEFBA.tmp
2013-11-10 02:28:55 -------- d-----w- C:\Program Files\Uninstaller
2013-11-10 02:17:22 -------- d-----w- C:\Users\Dana\AppData\Roaming\OpenWebKitSharp Strings
2013-11-10 02:02:19 -------- d-----w- C:\Users\Dana\AppData\Roaming\0D0S1L2Z1P1B
2013-11-10 02:01:40 -------- d-----w- C:\Users\Dana\AppData\Roaming\DigitalSite
2013-11-09 16:38:36 7717984 ----a-w- C:\Windows\System32\drivers\kl1.sys
2013-11-09 16:38:28 90208 ----a-w- C:\Windows\System32\drivers\klflt.sys
2013-11-06 09:43:20 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8F2D5EFD-C39B-4A09-BA30-2BDC5F9BD588}\gapaengine.dll
.
==================== Find3M ====================
.
2013-11-12 01:56:33 16152 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
2013-10-23 18:00:56 454168 ----a-w- C:\Windows\System32\drivers\vsdatant.sys
2013-10-16 00:31:22 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-11 20:15:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-11 20:15:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-12 02:40:41 3766 --sha-w- C:\ProgramData\KGyGaAvL.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
.
============= FINISH: 19:09:09.27 ===============


aswMBR

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-21 19:11:35
-----------------------------
19:11:35.357 OS Version: Windows x64 6.1.7601 Service Pack 1
19:11:35.357 Number of processors: 2 586 0x200
19:11:35.372 ComputerName: DANA-HP UserName: Dana
19:11:37.057 Initialize success
19:12:43.061 AVAST engine download error: 0
19:14:41.699 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005c
19:14:41.699 Disk 0 Vendor: ST500DM0 HP73 Size: 476940MB BusType: 11
19:14:41.808 Disk 0 MBR read successfully
19:14:41.808 Disk 0 MBR scan
19:14:41.808 Disk 0 Windows 7 default MBR code
19:14:41.839 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:14:41.855 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459850 MB offset 206848
19:14:41.886 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16988 MB offset 941979648
19:14:41.949 Disk 0 scanning C:\Windows\system32\drivers
19:14:48.391 Service scanning
19:15:03.851 Modules scanning
19:15:03.867 Disk 0 trace - called modules:
19:15:03.882 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
19:15:04.428 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80047e8790]
19:15:04.444 3 CLASSPNP.SYS[fffff880020ee43f] -> nt!IofCallDriver -> [0xfffffa800439f040]
19:15:04.459 5 amd_xata.sys[fffff880017eeb3f] -> nt!IofCallDriver -> \Device\0000005c[0xfffffa800439b060]
19:15:04.491 Scan finished successfully
19:20:26.210 Disk 0 MBR has been saved successfully to "C:\Users\Dana\Desktop\MBR.dat"
19:20:26.226 The log file has been saved successfully to "C:\Users\Dana\Desktop\aswMBR.txt"


Thanks
 

Attachments

:welcome:

Sorry for the delay

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
 
AdwCleaner logfile (Part 1 of 2)

Thanks for helping!

  1. Started desktop in 'Safe Mode with Networking'
  2. Downloaded AdwCleaner (right clicked and 'Ran as Admin..' )
  3. Clicked 'Scan'
  4. Clicked 'Report' (although Notepad did not open, I went to folder and found report)
  5. I do not see anything that can't be easily replaced (like, desktop links to browsers)
  6. (AdwCleaner: I have not clicked 'Clean' )

Below is the log file of AdwCleaner (Part 1 of 2)

# AdwCleaner v3.013 - Report created 26/11/2013 at 11:28:45
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dana - DANA-HP
# Running from : C:\Users\Dana\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : 70e6ca8c

***** [ Files / Folders ] *****

File Found : C:\Users\Dana\AppData\Local\mysearchdial-speeddial.crx
File Found : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\searchplugins\Mysearchdial.xml
File Found : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\searchplugins\zonealarm.xml
File Found : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\user.js
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\infoatoms@infoatoms.com
Folder Found : C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Folder Found : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\Extensions\{3ce45c4f-bfff-4988-9a3c-a75c1f491319}
Folder Found : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Found : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Folder Found C:\Program Files (x86)\Common Files\Umbrella
Folder Found C:\Program Files (x86)\InfoAtoms
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\ProgramData\Iminent
Folder Found C:\Users\Dana\AppData\Local\Coupon Companion Plugin
Folder Found C:\Users\Dana\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Found C:\Users\Dana\AppData\Roaming\digitalsite
Folder Found C:\Users\Dana\AppData\Roaming\Iminent
Folder Found C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\ConduitCommon
Folder Found C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\CT3015261
Folder Found C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\Smartbar
Folder Found C:\Users\Dana\AppData\Roaming\pdfforge

***** [ Shortcuts ] *****

Shortcut Found : C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503 )
Shortcut Found : C:\Users\Dana\Desktop\Google Chrome.lnk ( hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503 )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503 )
Shortcut Found : C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503 )
Shortcut Found : C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503 )
Shortcut Found : C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503 )
Shortcut Found : C:\Users\Dana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503 )
Shortcut Found : C:\Users\Dana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503 )
Shortcut Found : C:\Users\Dana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503 )
Shortcut Found : C:\Users\Dana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503 )
Shortcut Found : C:\Users\Dana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk ( hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=sc&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503 )

***** [ Registry ] *****

Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\FLEXnet
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181104}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181104}
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\dsiteproducts
Key Found : [x64] HKCU\Software\FLEXnet
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211181104}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222182204}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Found : HKLM\SOFTWARE\Classes\Iminent
Key Found : HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED
Key Found : HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255185504}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186604}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440244184404}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ccncljhbalbbkkfgopogabimepmfkmff
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Key Found : HKLM\Software\Iminent
Key Found : HKLM\Software\InfoAtoms
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181104}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InfoAtoms
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255185504}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186604}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{88CCA982-C030-4B27-8FBC-201189970FDE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [infoatoms@infoatoms.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA&cr=567981372&ir=

-\\ Mozilla Firefox v25.0 (en-US)

[ File : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\prefs.js ]

Line Found : user_pref("CT2642707.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT2642707.CTID", "CT2642707");
Line Found : user_pref("CT2642707.CurrentServerDate", "28-8-2010");
Line Found : user_pref("CT2642707.DialogsAlignMode", "LTR");
Line Found : user_pref("CT2642707.DownloadReferralCookieData", "");
Line Found : user_pref("CT2642707.EMailNotifierPollDate", "Fri Aug 27 2010 20:37:41 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT2642707.ExternalComponentPollDate129273915361569259", "Fri Aug 27 2010 20:31:16 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT2642707.FirstServerDate", "28-8-2010");
Line Found : user_pref("CT2642707.FirstTime", true);
Line Found : user_pref("CT2642707.FirstTimeFF3", true);
Line Found : user_pref("CT2642707.FirstTimeSettingsDone", true);
Line Found : user_pref("CT2642707.FixPageNotFoundErrors", true);
Line Found : user_pref("CT2642707.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT2642707.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT2642707.Initialize", true);
Line Found : user_pref("CT2642707.InitializeCommonPrefs", true);
Line Found : user_pref("CT2642707.InstallationAndCookieDataSentCount", 1);
Line Found : user_pref("CT2642707.InstalledDate", "Fri Aug 27 2010 20:31:18 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT2642707.InvalidateCache", false);
Line Found : user_pref("CT2642707.IsGrouping", false);
Line Found : user_pref("CT2642707.IsMulticommunity", false);
Line Found : user_pref("CT2642707.IsOpenThankYouPage", true);
Line Found : user_pref("CT2642707.IsOpenUninstallPage", true);
Line Found : user_pref("CT2642707.LanguagePackLastCheckTime", "Fri Aug 27 2010 20:31:18 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT2642707.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT2642707.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT2642707.LastLogin_2.7.2.0", "Fri Aug 27 2010 20:32:40 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT2642707.LatestVersion", "2.7.2.0");
Line Found : user_pref("CT2642707.Locale", "en");
Line Found : user_pref("CT2642707.LoginCache", 4);
Line Found : user_pref("CT2642707.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT2642707.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT2642707.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT2642707.RadioIsPodcast", false);
Line Found : user_pref("CT2642707.RadioLastCheckTime", "Fri Aug 27 2010 20:32:39 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT2642707.RadioLastUpdateIPServer", "3");
Line Found : user_pref("CT2642707.RadioLastUpdateServer", "3");
Line Found : user_pref("CT2642707.RadioMediaID", "9962");
Line Found : user_pref("CT2642707.RadioMediaType", "Media Player");
Line Found : user_pref("CT2642707.RadioMenuSelectedID", "EBRadioMenu_CT26427079962");
Line Found : user_pref("CT2642707.RadioStationName", "California%20Rock");
Line Found : user_pref("CT2642707.RadioStationURL", "hxxp://feedlive.net/california.asx");
Line Found : user_pref("CT2642707.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2642707&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Found : user_pref("CT2642707.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT2642707.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2642707&q=");
Line Found : user_pref("CT2642707.SearchInNewTabEnabled", true);
Line Found : user_pref("CT2642707.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT2642707.SearchInNewTabLastCheckTime", "Fri Aug 27 2010 20:32:42 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT2642707.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2642707.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2642707.SettingsCheckIntervalMin", 120);
Line Found : user_pref("CT2642707.SettingsLastCheckTime", "Fri Aug 27 2010 20:31:14 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT2642707.SettingsLastUpdate", "1282918036");
Line Found : user_pref("CT2642707.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT2642707.ThirdPartyComponentsLastCheck", "Fri Aug 27 2010 20:31:12 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT2642707.ThirdPartyComponentsLastUpdate", "1246790578");
Line Found : user_pref("CT2642707.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Found : user_pref("CT2642707.UserID", "UN68802187513420710");
Line Found : user_pref("CT2642707.WeatherNetwork", "");
Line Found : user_pref("CT2642707.WeatherPollDate", "Fri Aug 27 2010 20:31:18 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT2642707.WeatherUnit", "F");
Line Found : user_pref("CT2642707.alertChannelId", "1035394");
Line Found : user_pref("CT2642707.clientLogIsEnabled", false);
Line Found : user_pref("CT2642707.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT2642707.myStuffEnabled", true);
Line Found : user_pref("CT2642707.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT2642707.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT2642707.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT2642707.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT2642707.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CT2878731..clientLogIsEnabled", true);
Line Found : user_pref("CT2878731..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT2878731..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CT2878731.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT2878731.CT2878736.CommunityChanged", true);
Line Found : user_pref("CT2878731.CT2878740.CommunityChanged", true);
Line Found : user_pref("CT2878731.CT2878743.CommunityChanged", true);
Line Found : user_pref("CT2878731.CT2878746.CommunityChanged", true);
Line Found : user_pref("CT2878731.CT2878751.CommunityChanged", true);
Line Found : user_pref("CT2878731.CT2878754.CommunityChanged", true);
Line Found : user_pref("CT2878731.CT2878761.CommunityChanged", true);
Line Found : user_pref("CT2878731.CTID", "ct2878731");
Line Found : user_pref("CT2878731.CommunitiesChangesLastCheckTime", "Sun Feb 06 2011 22:17:09 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.CommunityChanged", true);
Line Found : user_pref("CT2878731.CurrentServerDate", "7-2-2011");
Line Found : user_pref("CT2878731.DialogsAlignMode", "LTR");
Line Found : user_pref("CT2878731.DownloadReferralCookieData", "");
Line Found : user_pref("CT2878731.FirstServerDate", "8-1-2011");
Line Found : user_pref("CT2878731.FirstTime", true);
Line Found : user_pref("CT2878731.FirstTimeFF3", true);
Line Found : user_pref("CT2878731.FixPageNotFoundErrors", true);
Line Found : user_pref("CT2878731.GroupingLastCheckTime", "Sun Feb 06 2011 22:17:02 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.GroupingLastErrorCode", "");
Line Found : user_pref("CT2878731.GroupingLastResponse", false);
Line Found : user_pref("CT2878731.GroupingLastServerUpdateTime", "129387802624070000");
Line Found : user_pref("CT2878731.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT2878731.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT2878731.HasUserGlobalKeys", true);
Line Found : user_pref("CT2878731.Initialize", true);
Line Found : user_pref("CT2878731.InitializeCommonPrefs", true);
Line Found : user_pref("CT2878731.InstallationAndCookieDataSentCount", 3);
Line Found : user_pref("CT2878731.InstallationId", "IncrediMail_MediaBar_4.exe");
Line Found : user_pref("CT2878731.InstallationType", "ConduitIntegration");
Line Found : user_pref("CT2878731.InstalledDate", "Sat Jan 08 2011 08:15:03 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.IsGrouping", true);
Line Found : user_pref("CT2878731.IsMulticommunity", false);
Line Found : user_pref("CT2878731.IsOpenThankYouPage", false);
Line Found : user_pref("CT2878731.IsOpenUninstallPage", true);
Line Found : user_pref("CT2878731.LanguagePackLastCheckTime", "Sat Jan 08 2011 08:15:06 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT2878731.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT2878731.LastLogin_3.2.5.2", "Sun Feb 06 2011 22:17:14 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.LatestVersion", "3.2.5.2");
Line Found : user_pref("CT2878731.Locale", "en");
Line Found : user_pref("CT2878731.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT2878731.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT2878731.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT2878731.RadioIsPodcast", false);
Line Found : user_pref("CT2878731.RadioMediaID", "9962");
Line Found : user_pref("CT2878731.RadioMediaType", "Media Player");
Line Found : user_pref("CT2878731.RadioMenuSelectedID", "EBRadioMenu_CT28787319962");
Line Found : user_pref("CT2878731.RadioStationName", "California%20Rock");
Line Found : user_pref("CT2878731.RadioStationURL", "hxxp://feedlive.net/california.asx");
Line Found : user_pref("CT2878731.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT2878731.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2878731&q=");
Line Found : user_pref("CT2878731.SearchInNewTabEnabled", true);
Line Found : user_pref("CT2878731.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT2878731.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2878731.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2878731.ServiceMapLastCheckTime", "Sun Feb 06 2011 22:17:11 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.SettingsLastCheckTime", "Sat Jan 08 2011 08:14:58 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.SettingsLastUpdate", "1294299462");
Line Found : user_pref("CT2878731.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT2878731.ThirdPartyComponentsLastCheck", "Sat Jan 08 2011 08:14:58 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.ThirdPartyComponentsLastUpdate", "1246790578");
Line Found : user_pref("CT2878731.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Found : user_pref("CT2878731.UserID", "UN31067470497287730");
Line Found : user_pref("CT2878731.WeatherNetwork", "");
Line Found : user_pref("CT2878731.WeatherPollDate", "Sun Feb 06 2011 22:47:22 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.WeatherUnit", "C");
Line Found : user_pref("CT2878731.ct2878731.DialogsAlignMode", "LTR");
Line Found : user_pref("CT2878731.ct2878731.GroupingInvalidateCache", false);
Line Found : user_pref("CT2878731.ct2878731.GroupingLastCheckTime", "Sun Feb 06 2011 22:17:09 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.ct2878731.GroupingLastErrorCode", "");
Line Found : user_pref("CT2878731.ct2878731.GroupingLastResponse", false);
Line Found : user_pref("CT2878731.ct2878731.GroupingLastServerUpdateTime", "129387802624070000");
Line Found : user_pref("CT2878731.ct2878731.InvalidateCache", false);
Line Found : user_pref("CT2878731.ct2878731.LanguagePackLastCheckTime", "Sun Feb 06 2011 22:17:13 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.ct2878731.Locale", "en");
Line Found : user_pref("CT2878731.ct2878731.RadioLastCheckTime", "Sun Feb 06 2011 22:17:18 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.ct2878731.RadioLastUpdateIPServer", "3");
Line Found : user_pref("CT2878731.ct2878731.RadioLastUpdateServer", "3");
Line Found : user_pref("CT2878731.ct2878731.SearchInNewTabLastCheckTime", "Sun Feb 06 2011 22:17:11 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.ct2878731.SettingsLastCheckTime", "Sun Feb 06 2011 22:17:02 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.ct2878731.SettingsLastUpdate", "1297007872");
Line Found : user_pref("CT2878731.ct2878731.ThirdPartyComponentsLastCheck", "Sun Feb 06 2011 22:17:01 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.ct2878731.ThirdPartyComponentsLastUpdate", "1246790578");
Line Found : user_pref("CT2878731.ct2878731.toolbarAppMetaDataLastCheckTime", "Sun Feb 06 2011 22:17:13 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.ct2878731.toolbarContextMenuLastCheckTime", "Sat Jan 08 2011 08:15:16 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.myStuffEnabled", true);
Line Found : user_pref("CT2878731.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT2878731.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT2878731.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT2878731.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT2878731.testingCtid", "");
Line Found : user_pref("CT2878731.toolbarAppMetaDataLastCheckTime", "Sat Jan 08 2011 08:15:16 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT2878731.toolbarContextMenuLastCheckTime", "Sat Jan 08 2011 08:15:16 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT3015261..clientLogIsEnabled", false);
Line Found : user_pref("CT3015261..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT3015261..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CT3015261.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Found : user_pref("CT3015261.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT3015261.AppTrackingLastCheckTime", "Fri Jul 13 2012 16:27:02 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.BrowserCompStateIsOpen_129958911685785597", true);
Line Found : user_pref("CT3015261.BrowserCompStateIsOpen_1367165901000", true);
Line Found : user_pref("CT3015261.CT3015261", "CT3015261");
Line Found : user_pref("CT3015261.CurrentServerDate", "15-10-2013");
Line Found : user_pref("CT3015261.DialogsAlignMode", "LTR");
Line Found : user_pref("CT3015261.DialogsGetterLastCheckTime", "Tue Oct 15 2013 10:58:16 GMT-0600 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.DownloadReferralCookieData", "");
Line Found : user_pref("CT3015261.EMailNotifierPollDate", "Wed Jul 18 2012 20:07:17 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3015261.FirstServerDate", "2-8-2011");
Line Found : user_pref("CT3015261.FirstTime", true);
Line Found : user_pref("CT3015261.FirstTimeFF3", true);
Line Found : user_pref("CT3015261.FixPageNotFoundErrors", false);
Line Found : user_pref("CT3015261.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT3015261.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT3015261.HasUserGlobalKeys", true);
Line Found : user_pref("CT3015261.HomePageProtectorEnabled", false);
Line Found : user_pref("CT3015261.Initialize", true);
Line Found : user_pref("CT3015261.InitializeCommonPrefs", true);
Line Found : user_pref("CT3015261.InstallationAndCookieDataSentCount", 3);
Line Found : user_pref("CT3015261.InstallationType", "Unknown");
Line Found : user_pref("CT3015261.InstalledDate", "Tue Aug 02 2011 10:23:01 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.InvalidateCache", false);
Line Found : user_pref("CT3015261.IsAlertDBUpdated", true);
Line Found : user_pref("CT3015261.IsGrouping", false);
Line Found : user_pref("CT3015261.IsInitSetupIni", true);
Line Found : user_pref("CT3015261.IsMulticommunity", false);
Line Found : user_pref("CT3015261.IsOpenThankYouPage", true);
Line Found : user_pref("CT3015261.IsOpenUninstallPage", true);
Line Found : user_pref("CT3015261.IsProtectorsInit", true);
Line Found : user_pref("CT3015261.LanguagePackLastCheckTime", "Fri Oct 18 2013 10:58:16 GMT-0600 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT3015261.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT3015261.LastLogin_3.10.0.1", "Tue Apr 17 2012 20:57:18 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.LastLogin_3.12.0.7", "Tue Apr 24 2012 14:51:19 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.LastLogin_3.12.2.3", "Wed May 30 2012 21:25:41 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.LastLogin_3.13.0.6", "Mon Jul 16 2012 09:58:32 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.LastLogin_3.14.1.0", "Tue Aug 21 2012 15:28:43 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.LastLogin_3.15.1.0", "Wed Nov 07 2012 10:36:34 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.LastLogin_3.16.0.3", "Sun Feb 10 2013 16:01:44 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.LastLogin_3.18.0.7", "Mon Jul 29 2013 22:07:25 GMT-0600 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.LastLogin_3.19.0.3", "Tue Oct 15 2013 10:58:15 GMT-0600 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.LastLogin_3.6.0.10", "Fri Sep 30 2011 08:24:28 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.LastLogin_3.7.0.6", "Thu Nov 17 2011 13:47:16 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.LastLogin_3.8.0.8", "Wed Dec 07 2011 16:45:19 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.LastLogin_3.8.1.0", "Sat Jan 28 2012 12:41:21 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.LastLogin_3.9.0.3", "Thu Mar 08 2012 11:03:23 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.LatestVersion", "3.20.0.4");
Line Found : user_pref("CT3015261.Locale", "en");
Line Found : user_pref("CT3015261.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT3015261.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT3015261.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT3015261.MyStuffEnabledAtInstallation", true);
Line Found : user_pref("CT3015261.OriginalFirstVersion", "3.6.0.10");
Line Found : user_pref("CT3015261.RadioIsPodcast", false);
Line Found : user_pref("CT3015261.RadioLastCheckTime", "Wed Jul 18 2012 10:00:01 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.RadioLastUpdateIPServer", "3");
Line Found : user_pref("CT3015261.RadioLastUpdateServer", "0");
Line Found : user_pref("CT3015261.RadioMediaID", "7865421");
Line Found : user_pref("CT3015261.RadioMediaType", "Media Player");
Line Found : user_pref("CT3015261.RadioMenuSelectedID", "EBRadioMenu_CT3015261_RECENT7865421");
Line Found : user_pref("CT3015261.RadioShrinkedFromSetup", false);
Line Found : user_pref("CT3015261.RadioStationName", "WAMU%2C%2088.5%20FM%2C%20Washington%20DC");
Line Found : user_pref("CT3015261.RadioStationURL", "hxxp://wamu.org/streams/live/1/win");
Line Found : user_pref("CT3015261.RadioVolume", "18");
Line Found : user_pref("CT3015261.SHRINK_TOOLBAR", 1);
Line Found : user_pref("CT3015261.SavedHomepage", "hxxps://encrypted.google.com/webhp?client=firefox-a&rls=org.mozilla:en-US:official");
Line Found : user_pref("CT3015261.SearchEngineBeforeUnload", "MyStart Search");
Line Found : user_pref("CT3015261.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT3015261.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3015261&SearchSource=2&q=");
Line Found : user_pref("CT3015261.SearchInNewTabEnabled", true);
Line Found : user_pref("CT3015261.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT3015261.SearchInNewTabLastCheckTime", "Fri Oct 18 2013 10:58:08 GMT-0600 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Found : user_pref("CT3015261.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT3015261.SearchProtectorEnabled", false);
Line Found : user_pref("CT3015261.SearchProtectorToolbarDisabled", false);
Line Found : user_pref("CT3015261.ServiceMapLastCheckTime", "Fri Oct 18 2013 10:58:08 GMT-0600 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.SettingsLastCheckTime", "Tue Oct 15 2013 10:58:07 GMT-0600 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.SettingsLastUpdate", "1381306403");
Line Found : user_pref("CT3015261.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT3015261.ThirdPartyComponentsLastCheck", "Tue Jul 17 2012 10:14:53 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.ThirdPartyComponentsLastUpdate", "1331805997");
Line Found : user_pref("CT3015261.ToolbarShrinkedFromSetup", false);
Line Found : user_pref("CT3015261.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Found : user_pref("CT3015261.UserID", "UN47010554705404406");
Line Found : user_pref("CT3015261.ValidationData_Search", 2);
Line Found : user_pref("CT3015261.ValidationData_Toolbar", 2);
Line Found : user_pref("CT3015261.WeatherNetwork", "");
Line Found : user_pref("CT3015261.WeatherPollDate", "Wed Jul 18 2012 20:02:19 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.WeatherUnit", "F");
Line Found : user_pref("CT3015261.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT3015261.alertChannelId", "1406927");
Line Found : user_pref("CT3015261.backendstorage.youtube_user_first_login_date", "30382F32312F32303131");
Line Found : user_pref("CT3015261.backendstorage.youtube_user_survey_visit", "4E4F545F56495349544544");
Line Found : user_pref("CT3015261.components.1000082", true);
Line Found : user_pref("CT3015261.components.1000234", true);
Line Found : user_pref("CT3015261.enableAlerts", "always");
Line Found : user_pref("CT3015261.firstTimeDialogOpened", true);
Line Found : user_pref("CT3015261.fixPageNotFoundErrorByUser", "false");
Line Found : user_pref("CT3015261.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT3015261.fullUserID", "UN47010554705404406.UP.2135");
Line Found : user_pref("CT3015261.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Found : user_pref("CT3015261.globalFirstTimeInfoLastCheckTime", "Sun Jul 08 2012 20:32:06 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.homepageProtectorEnableByLogin", true);
Line Found : user_pref("CT3015261.initDone", true);
Line Found : user_pref("CT3015261.installType", "Unknown");
Line Found : user_pref("CT3015261.isAppTrackingManagerOn", true);
Line Found : user_pref("CT3015261.isCheckedStartAsHidden", true);
Line Found : user_pref("CT3015261.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3015261.isFirstRadioInstallation", false);
Line Found : user_pref("CT3015261.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT3015261.isPerformedSmartBarTransition", "true");
Line Found : user_pref("CT3015261.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3015261.keyword", true);
Line Found : user_pref("CT3015261.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3015261&octid=CT3015261&SearchSource=15&CUI=UN47010554705404406&SSPV=&Lay=1&UM=\"}");
Line Found : user_pref("CT3015261.lastVersion", "10.20.101.5");
Line Found : user_pref("CT3015261.myStuffEnabled", true);
Line Found : user_pref("CT3015261.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT3015261.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT3015261.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT3015261.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT3015261.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://CCC004.OurToolbar.com/\",\"EB_TOOLBAR_[...]
Line Found : user_pref("CT3015261.oldAppsList", "129506578324945315,129506578325335957,111,129506578326068408,129506578326556709,129506578328734533,1000080,129533670857631562,1000034,129791245798178143,12950657832[...]
Line Found : user_pref("CT3015261.originalSearchAddressUrl", "chrome://browser-region/locale/region.properties");
Line Found : user_pref("CT3015261.revertSettingsEnabled", false);
Line Found : user_pref("CT3015261.search.searchCount", 2);
Line Found : user_pref("CT3015261.searchFromAddressBarEnabledByUser", "true");
Line Found : user_pref("CT3015261.searchInNewTabEnabledByUser", "true");
Line Found : user_pref("CT3015261.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT3015261.searchProtectorDialogDelayInSec", 10);
Line Found : user_pref("CT3015261.searchProtectorEnableByLogin", true);
Line Found : user_pref("CT3015261.searchSuggestEnabledByUser", "false");
Line Found : user_pref("CT3015261.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3015261.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3015261.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT3015261.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3015261\"}");
Line Found : user_pref("CT3015261.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://ZoneAlarmSecuritySuite.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT3015261.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"ZoneAlarm Security Suite \"}");
Line Found : user_pref("CT3015261.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3015261.serviceLayer_services_Configuration_lastUpdate", "1384907893236");
Line Found : user_pref("CT3015261.serviceLayer_services_login_10.20.101.5_lastUpdate", "1384907893233");
Line Found : user_pref("CT3015261.serviceLayer_services_searchAPI_lastUpdate", "1384889693692");
Line Found : user_pref("CT3015261.serviceLayer_services_serviceMap_lastUpdate", "1384889690579");
Line Found : user_pref("CT3015261.serviceLayer_services_toolbarSettings_lastUpdate", "1384907893238");
Line Found : user_pref("CT3015261.serviceLayer_services_translation_lastUpdate", "1384907893240");
Line Found : user_pref("CT3015261.settingsINI", true);
Line Found : user_pref("CT3015261.showToolbarPermission", "false");
Line Found : user_pref("CT3015261.smartbar.CTID", "CT3015261");
Line Found : user_pref("CT3015261.smartbar.Uninstall", "0");
Line Found : user_pref("CT3015261.smartbar.toolbarName", "ZoneAlarm Security Suite ");
 
AdwCleaner logfile (Part 2 of 2)

Line Found : user_pref("CT3015261.testingCtid", "");
Line Found : user_pref("CT3015261.toolbarAppMetaDataLastCheckTime", "Fri Oct 18 2013 10:58:08 GMT-0600 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.toolbarBornServerTime", "2-8-2011");
Line Found : user_pref("CT3015261.toolbarContextMenuLastCheckTime", "Mon Jul 16 2012 09:58:32 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CT3015261.toolbarCurrentServerTime", "19-11-2013");
Line Found : user_pref("CT3015261.toolbarLoginClientTime", "Tue Nov 19 2013 17:38:12 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("CT3015261.upgradeFromOBVersion", true);
Line Found : user_pref("CT3015261.usagesFlag", 2);
Line Found : user_pref("CT3015261.youtube_user_first_login_date.from_oldbar.enc", "MDgvMjEvMjAxMQ==");
Line Found : user_pref("CT3015261.youtube_user_survey_visit.from_oldbar.enc", "Tk9UX1ZJU0lURUQ=");
Line Found : user_pref("CT3015261_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1384907889695,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3015261&SearchSource=13");
Line Found : user_pref("CommunityToolbar.ConduitSearchList", "ZoneAlarm Security Suite Customized Web Search");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3015261/CT3015261", "\"e20eab1696076daffef5cba7672dd5983\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1035394/1031105/US", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270698/1266370/US", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270703/1266375/US", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270707/1266379/US", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270710/1266382/US", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270713/1266385/US", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270718/1266390/US", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270721/1266393/US", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270727/1266399/US", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1406927/1402585/US", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2878731", "\"1292753069\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3015261", "\"1367217955\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2878731", "\"1292753069\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=EB_LOCALE", "L+tncv4eqt6Qm5T3dzChdA==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=EB_LOCALE", "poKjTfHs0NrVUIalKI8jyg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "mfQ70fvlD2zuBxSBj8rQqA==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=EB_LOCALE", "QmycQXJXVyFVAzIiNllWhQ==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "k9un27OkAvkwB2ZmvXxTnA==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=EB_LOCALE", "t6SQZ7j9WsBHhE8zC0kAEQ==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "4BgM4MhF/sOgPsDNmIs3Yw==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:14f9\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"4ead38b3e6bcd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:144a\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:14f1\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:155b\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:15ff\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"23c5489aa686ce1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"f414eeaa6bece1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"0ee90707f77cc1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"6a637346d78ccc1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.0.8", "\"6a637346d78ccc1:1254\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.1.0", "\"023d3d3f2c9cc1:12ce\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", "\"801a319dd78ccc1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3015261", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634325899280830000\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634303635100000000");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/2011 5:25:10 PM", "634335443890000000");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/17/2011 12:59:49 PM", "634339976460000000");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/2011 6:54:06 PM", "634356118310000000");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT3015261&octid=CT3015261", "\"1321893810\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2878731/CT2878731", "\"1294299462\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/ct2878731/CT2878731", "\"1297007872\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/61/301/CT3015261/Images/634084960850172500.png", "\"42eee7aac1eaca1:0\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"634492029952000000\"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"2d87e72a099b1428cae19f08d2b5e786\"");
Line Found : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Line Found : user_pref("CommunityToolbar.EngineOwner", "CT2878731");
Line Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{90eee664-34b1-422a-a782-779af65cdf6d}");
Line Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "incredimail_mediabar_4");
Line Found : user_pref("CommunityToolbar.IsEngineShown", false);
Line Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Dana\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\mlwj5sce.default\\conduitCommon\\modules\\3.14.1.0");
Line Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2878731");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{90eee664-34b1-422a-a782-779af65cdf6d}");
Line Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "incredimail_mediabar_4");
Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT2642707,CT2878731,ConduitEngine,CT3015261");
Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2642707,CT2878731,CT3015261");
Line Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3015261");
Line Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Jun 03 2011 15:54:54 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Jun 24 2011 12:18:02 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.locale", "en");
Line Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Jun 24 2011 17:38:33 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Line Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.alert.userId", "{cb72ebb3-e315-40ed-bf55-4f68d0ff03df}");
Line Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Apr 16 2012 21:07:59 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CommunityToolbar.globalUserId", "714612f7-65bf-4ca8-ae41-b6bb936c3585");
Line Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3015261");
Line Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Jul 18 2012 20:02:19 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Line Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Jul 18 2012 15:25:15 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.notifications.locale", "en");
Line Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Jul 18 2012 15:25:06 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.notifications.userId", "2a19a1ea-492f-4567-85cc-363f4e0477d8");
Line Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat Jun 18 2011 14:18:57 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Mar 26 2011 16:56:35 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("ConduitEngine.FirstServerDate", "02/08/2011 18");
Line Found : user_pref("ConduitEngine.FirstTime", true);
Line Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Line Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line Found : user_pref("ConduitEngine.Initialize", true);
Line Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line Found : user_pref("ConduitEngine.InstalledDate", "Tue Feb 08 2011 08:30:09 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("ConduitEngine.IsMulticommunity", false);
Line Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Line Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Mar 28 2011 20:03:25 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Mon Mar 07 2011 09:51:17 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Mon Mar 28 2011 20:03:24 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Mar 28 2011 20:03:25 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("ConduitEngine.UserID", "UN07412012110148902");
Line Found : user_pref("ConduitEngine.engineLocale", "en-US");
Line Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Mar 28 2011 20:03:25 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Mar 28 2011 20:03:24 GMT-0600 (Mountain Daylight Time)");
Line Found : user_pref("ConduitEngine.initDone", true);
Line Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3015261");
Line Found : user_pref("browser.newtab.url", "hxxp://www.dosearches.com/newtab/?utm_source=b&utm_medium=tugs&utm_campaign=ST500DM002-1BD142_W2AC2RGF&utm_content=nt&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=13840[...]
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
Line Found : user_pref("browser.search.defaultthis.engineName", "ZoneAlarm Security Suite Customized Web Search");
Line Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3015261&SearchSource=3&q={searchTerms}");
Line Found : user_pref("browser.search.order.1", "Mysearchdial");
Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtC[...]
Line Found : user_pref("extensions.crossrider.bic", "13cc6c4c47eba88721f16932852328e6");
Line Found : user_pref("extensions.crossriderapp21804.21804.InstallationThankYouPage", true);
Line Found : user_pref("extensions.crossriderapp21804.21804.InstallationTime", 1360543829);
Line Found : user_pref("extensions.crossriderapp21804.21804.InstallationUserSettings.searchUserConifrmation", false);
Line Found : user_pref("extensions.crossriderapp21804.21804.InstallationUserSettings.setHomepage", false);
Line Found : user_pref("extensions.crossriderapp21804.21804.InstallationUserSettings.setNewTab", false);
Line Found : user_pref("extensions.crossriderapp21804.21804.InstallationUserSettings.setSearch", false);
Line Found : user_pref("extensions.crossriderapp21804.21804.active", true);
Line Found : user_pref("extensions.crossriderapp21804.21804.addressbar", "");
Line Found : user_pref("extensions.crossriderapp21804.21804.addressbarenhanced", "");
Line Found : user_pref("extensions.crossriderapp21804.21804.backgroundjs", "\n\n//\n");
Line Found : user_pref("extensions.crossriderapp21804.21804.backgroundver", 38);
Line Found : user_pref("extensions.crossriderapp21804.21804.can_run_bg_code", true);
Line Found : user_pref("extensions.crossriderapp21804.21804.certdomaininstaller", "");
Line Found : user_pref("extensions.crossriderapp21804.21804.changeprevious", false);
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie.InstallationTime.value", "1360543829");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_aoi.value", "1360543829");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_arbitrary_code.expiration", "Tue Nov 19 2013 12:39:51 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_arbitrary_code.value", "%22%28function%28%29%7B_GPL_PLUGIN.st%3D%7B%5C%2274052%26pid%3D1269%5C%22%3A%7Bs%3A%5B%5C%2274052%26pid%3D1695%5C%22%[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_blocklist.expiration", "Tue Nov 19 2013 12:39:51 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_blocklist.value", "%22bing.com%2Cfacebook.com%2Cnonexistantdomain.com%22");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_cf_bu1.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_cf_bu1.value", "1361207894");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_country_code.expiration", "Tue Nov 26 2013 12:34:50 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_country_code.value", "%22US%22");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_crr.value", "1384052597");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_currenttime.value", "%221383332211%22");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_hotfix20111102645.value", "%221%22");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_delay.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_delay.value", "24");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_disclosure.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_disclosure.value", "1368378137");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_list.expiration", "Tue Nov 19 2013 18:34:53 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_list.value", "%7B%22f7610cf2b37067876b694a05c56f32e2%22%3A%7B%22p%22%3A%22/%22%7D%2C%22d763717b4b2e0a17a877cc642fb80ee4%22%3A%7B%22p%22%3A[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_list_temp.expiration", "Tue Nov 19 2013 12:44:51 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_list_temp.value", "1384889691.048");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%22100086%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%22100086%26subid%3D%26pid%3D1322%2[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installtime.value", "%221360453528%22");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_parent_zoneid.value", "%2214019%22");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_pc_20120828.value", "1360544726247");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_product_id.value", "%221175%22");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_zoneid.value", "%22142034%22");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.cookie.dbtest.value", "1360544711778");
Line Found : user_pref("extensions.crossriderapp21804.21804.description", "Coupon Companion");
Line Found : user_pref("extensions.crossriderapp21804.21804.domain", "");
Line Found : user_pref("extensions.crossriderapp21804.21804.enablesearch", false);
Line Found : user_pref("extensions.crossriderapp21804.21804.fbremoteurl", "");
Line Found : user_pref("extensions.crossriderapp21804.21804.group", 0);
Line Found : user_pref("extensions.crossriderapp21804.21804.homepage", "");
Line Found : user_pref("extensions.crossriderapp21804.21804.iframe", false);
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%2244E9D12F4AB44D84BFCEB7FCC55414C7IE%22%2C%22installer_verifier%22%3A%229b5a24affd9b75[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_appVer.value", "54");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_lastVersion.value", "1");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_meta.value", "%7B%7D");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_nextCheck.expiration", "Tue Nov 19 2013 18:34:50 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_nextCheck.value", "true");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_queue.value", "%7B%7D");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.SoftwareDetected.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Found : user_pref("extensions.crossriderapp21804.21804.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%22%3Afalse%2C%22Wireshark%22%3Afalse%2C%22VirtualBox%22%3Afalse%2C%22VMWare%22%3Afalse%2C%22Inside[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1175,baseCDN:\"couponcp-a.akamaihd.net[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.manifesturl", "");
Line Found : user_pref("extensions.crossriderapp21804.21804.name", "Coupon Companion Plugin");
Line Found : user_pref("extensions.crossriderapp21804.21804.newtab", "");
Line Found : user_pref("extensions.crossriderapp21804.21804.opensearch", "");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return appAPI.appID;}}};$jquery.ex[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1.name", "base");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1.ver", 6);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(b){if(void 0===this||null===this)throw new TypeError;var c=Obje[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000014.ver", 15);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},rules:{},started:!1,allowed:!1,log:function(b){console.log(b)},factor[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000015.name", "GPL Background (BG)");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000015.ver", 39);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection();}else{if(document.g[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_13.name", "CrossriderAppUtils");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_13.ver", 3);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined\"&&typeof window.navigat[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_14.name", "CrossriderUtils");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_14.ver", 5);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&ty[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_16.name", "FFAppAPIWrapper");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_16.ver", 9);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\n * Copyright 2010, Joh[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_17.name", "jQuery");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_17.ver", 4);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_21.name", "debug");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_21.ver", 4);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.queue.push(b);}};appAPI.ready=function(c,b){a.when.apply(n[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_22.name", "resources");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_22.ver", 4);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.exte[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_28.name", "initializer");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_28.ver", 3);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jquery = null;\n\nif (document && typeof document.getElementById !== \"undefined\") {\n\n/*! jQuery [...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_4.name", "jquery_1_7_1");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_4.ver", 4);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_47.name", "resources_background");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_47.ver", 3);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);};var b=function(j){return[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_64.name", "appApiMessage");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_64.ver", 2);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var k={};var f=appAPI.appInfo.name;var l=function(s,r,t){var q=\"[[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_72.name", "appApiValidation");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_72.ver", 3);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefined\"&&typeof navigator.userAgent!==\"undefined\"){(func[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_78.name", "CrossriderInfo");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_78.ver", 3);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=function(){var d=function(g){if(g===true){unsafeWindow.appAPI=[...]
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_98.name", "omniCommands");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_98.ver", 2);
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,1000015");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,1000014,28");
Line Found : user_pref("extensions.crossriderapp21804.21804.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Line Found : user_pref("extensions.crossriderapp21804.21804.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/21804/plugins/088/ff/plugins.json");
Line Found : user_pref("extensions.crossriderapp21804.21804.pluginsversion", 51);
Line Found : user_pref("extensions.crossriderapp21804.21804.publisher", "Innovative Apps");
Line Found : user_pref("extensions.crossriderapp21804.21804.searchstatus", 0);
Line Found : user_pref("extensions.crossriderapp21804.21804.setnewtab", false);
Line Found : user_pref("extensions.crossriderapp21804.21804.settingsurl", "");
Line Found : user_pref("extensions.crossriderapp21804.21804.thankyou", "");
Line Found : user_pref("extensions.crossriderapp21804.21804.updateinterval", 360);
Line Found : user_pref("extensions.crossriderapp21804.21804.ver", 54);
Line Found : user_pref("extensions.crossriderapp21804.adsOldValue", -1);
Line Found : user_pref("extensions.crossriderapp21804.apps", "21804");
Line Found : user_pref("extensions.crossriderapp21804.bic", "13cc6c4c47eba88721f16932852328e6");
Line Found : user_pref("extensions.crossriderapp21804.cid", 21804);
Line Found : user_pref("extensions.crossriderapp21804.firstrun", false);
Line Found : user_pref("extensions.crossriderapp21804.hadappinstalled", true);
Line Found : user_pref("extensions.crossriderapp21804.installationdate", 1360544450);
Line Found : user_pref("extensions.crossriderapp21804.lastcheck", 23081495);
Line Found : user_pref("extensions.crossriderapp21804.lastcheckitem", 23081495);
Line Found : user_pref("extensions.crossriderapp21804.modetype", "production");
Line Found : user_pref("extensions.crossriderapp21804.reportInstall", true);
Line Found : user_pref("extensions.crossriderapp21804.updating", true);
Line Found : user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.1,{89736E8E-4B14-4042-8C75-AD00B6BD3900}:1.0.5,{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18,jqs@sun.com:1.0,hxxps-everyw[...]
Line Found : user_pref("extensions.mysearchdial.aflt", "irmsd103");
Line Found : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Line Found : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA");
Line Found : user_pref("extensions.mysearchdial.cntry", "US");
Line Found : user_pref("extensions.mysearchdial.cr", "567981372");
Line Found : user_pref("extensions.mysearchdial.dfltLng", "");
Line Found : user_pref("extensions.mysearchdial.dfltSrch", true);
Line Found : user_pref("extensions.mysearchdial.dnsErr", true);
Line Found : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
Line Found : user_pref("extensions.mysearchdial.dspFFXOld", "dosearches");
Line Found : user_pref("extensions.mysearchdial.excTlbr", false);
Line Found : user_pref("extensions.mysearchdial.hdrMd5", "C7ADB1E6B91217ADB0D130634A39B981");
Line Found : user_pref("extensions.mysearchdial.hmpg", true);
Line Found : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1[...]
Line Found : user_pref("extensions.mysearchdial.hpFFXOld", "hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=hp&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503");
Line Found : user_pref("extensions.mysearchdial.id", "E840F2E0F4FD5E8F");
Line Found : user_pref("extensions.mysearchdial.instlDay", "16018");
Line Found : user_pref("extensions.mysearchdial.instlRef", "");
Line Found : user_pref("extensions.mysearchdial.lastB", "hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=hp&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503");
Line Found : user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.21.019:1:37");
Line Found : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1[...]
Line Found : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"81\",\"lastVrsn\":\"81\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Line Found : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Line Found : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Line Found : user_pref("extensions.mysearchdial.sg", "none");
Line Found : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Line Found : user_pref("extensions.mysearchdial.tlbrId", "base");
Line Found : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1[...]
Line Found : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
Line Found : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
Line Found : user_pref("extensions.mysearchdial_i.hmpg", true);
Line Found : user_pref("extensions.mysearchdial_i.newTab", false);
Line Found : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Line Found : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.019:1:37");
Line Found : user_pref("iminent.webbooster.scripts.minibar.enabledAds", "false");
Line Found : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent101", "1361514030577");
Line Found : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1367005151201");
Line Found : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1371882045716");
Line Found : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent110", "1362114923286");
Line Found : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1371882045724");
Line Found : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent112", "1363722747186");
Line Found : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1371882045733");
Line Found : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1363628684694");
Line Found : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent140", "1365296279546");
Line Found : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1367478403185");
Line Found : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1371881544091");
Line Found : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent110", "1365182017303");
Line Found : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1371881544104");
Line Found : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1371881551998");
Line Found : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1371881544114");
Line Found : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent134", "1366388102733");
Line Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3015261&SearchSource=2&CUI=UN47010554705404406&UM=&q=");
Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3015261");
Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3015261&SearchSource=13");
Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3015261&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3015261&SearchSource=2&CU[...]
Line Found : user_pref("smartbar.machineId", "LLKOQ1RTZOXO7Y2MI5D6J6S9ZLVKPYQS+QBUYUA/FDTVEJ1STQZYMIGUOF6UV/Z9BNHQDHKSHFFTJ6BCXFV0RA");

-\\ Google Chrome v

[ File : C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [97613 octets] - [26/11/2013 11:28:45]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [97674 octets] ##########
 
Double click on AdwCleaner.exe to run the tool again.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.



thisisujrt.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
AdwCleaner and JRT logs (part 1 of 2)

  • Started desktop in 'Safe Mode with Networking', ran AdwCleaner 'Scan', however, clicking 'Clean' did not work.
  • Restarted desktop in Normal mode, ran AdwCleaner 'Scan', clicked 'Clean', it worked.
  • Rebooted desktop (Normal mode) AdwCleaner log file posted below
  • Ran JRT 'as Administrator' (think I got all protection software shut down)
  • JRT log file posted below

AdwCleaner log file (Part 1 of 2)
# AdwCleaner v3.013 - Report created 26/11/2013 at 14:41:56
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dana - DANA-HP
# Running from : C:\Users\Dana\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : 70e6ca8c

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\Program Files (x86)\InfoAtoms
Folder Deleted : C:\Program Files (x86)\Common Files\Umbrella
Folder Deleted : C:\Users\Dana\AppData\Local\Coupon Companion Plugin
Folder Deleted : C:\Users\Dana\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\Dana\AppData\Roaming\digitalsite
Folder Deleted : C:\Users\Dana\AppData\Roaming\Iminent
Folder Deleted : C:\Users\Dana\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\ConduitCommon
Folder Deleted : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\Smartbar
Folder Deleted : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\CT3015261
Folder Deleted : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\infoatoms@infoatoms.com
Folder Deleted : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\Extensions\{3ce45c4f-bfff-4988-9a3c-a75c1f491319}
Folder Deleted : C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
File Deleted : C:\Users\Dana\AppData\Local\mysearchdial-speeddial.crx
File Deleted : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\searchplugins\zonealarm.xml
File Deleted : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\user.js

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Dana\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Dana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Dana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Dana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Dana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Dana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [infoatoms@infoatoms.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ccncljhbalbbkkfgopogabimepmfkmff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_nonsearch_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222182204}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255185504}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186604}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440244184404}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{88CCA982-C030-4B27-8FBC-201189970FDE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255185504}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186604}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InfoAtoms
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
Key Deleted : HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED
Key Deleted : HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v25.0 (en-US)

[ File : C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\prefs.js ]

Line Deleted : user_pref("CT2642707.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2642707.CTID", "CT2642707");
Line Deleted : user_pref("CT2642707.CurrentServerDate", "28-8-2010");
Line Deleted : user_pref("CT2642707.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2642707.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2642707.EMailNotifierPollDate", "Fri Aug 27 2010 20:37:41 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT2642707.ExternalComponentPollDate129273915361569259", "Fri Aug 27 2010 20:31:16 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT2642707.FirstServerDate", "28-8-2010");
Line Deleted : user_pref("CT2642707.FirstTime", true);
Line Deleted : user_pref("CT2642707.FirstTimeFF3", true);
Line Deleted : user_pref("CT2642707.FirstTimeSettingsDone", true);
Line Deleted : user_pref("CT2642707.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2642707.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2642707.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2642707.Initialize", true);
Line Deleted : user_pref("CT2642707.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2642707.InstallationAndCookieDataSentCount", 1);
Line Deleted : user_pref("CT2642707.InstalledDate", "Fri Aug 27 2010 20:31:18 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT2642707.InvalidateCache", false);
Line Deleted : user_pref("CT2642707.IsGrouping", false);
Line Deleted : user_pref("CT2642707.IsMulticommunity", false);
Line Deleted : user_pref("CT2642707.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2642707.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2642707.LanguagePackLastCheckTime", "Fri Aug 27 2010 20:31:18 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT2642707.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2642707.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2642707.LastLogin_2.7.2.0", "Fri Aug 27 2010 20:32:40 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT2642707.LatestVersion", "2.7.2.0");
Line Deleted : user_pref("CT2642707.Locale", "en");
Line Deleted : user_pref("CT2642707.LoginCache", 4);
Line Deleted : user_pref("CT2642707.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2642707.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2642707.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2642707.RadioIsPodcast", false);
Line Deleted : user_pref("CT2642707.RadioLastCheckTime", "Fri Aug 27 2010 20:32:39 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT2642707.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT2642707.RadioLastUpdateServer", "3");
Line Deleted : user_pref("CT2642707.RadioMediaID", "9962");
Line Deleted : user_pref("CT2642707.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT2642707.RadioMenuSelectedID", "EBRadioMenu_CT26427079962");
Line Deleted : user_pref("CT2642707.RadioStationName", "California%20Rock");
Line Deleted : user_pref("CT2642707.RadioStationURL", "hxxp://feedlive.net/california.asx");
Line Deleted : user_pref("CT2642707.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2642707&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2642707.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2642707.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2642707&q=");
Line Deleted : user_pref("CT2642707.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2642707.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2642707.SearchInNewTabLastCheckTime", "Fri Aug 27 2010 20:32:42 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT2642707.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2642707.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2642707.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2642707.SettingsLastCheckTime", "Fri Aug 27 2010 20:31:14 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT2642707.SettingsLastUpdate", "1282918036");
Line Deleted : user_pref("CT2642707.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2642707.ThirdPartyComponentsLastCheck", "Fri Aug 27 2010 20:31:12 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT2642707.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT2642707.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Deleted : user_pref("CT2642707.UserID", "UN68802187513420710");
Line Deleted : user_pref("CT2642707.WeatherNetwork", "");
Line Deleted : user_pref("CT2642707.WeatherPollDate", "Fri Aug 27 2010 20:31:18 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT2642707.WeatherUnit", "F");
Line Deleted : user_pref("CT2642707.alertChannelId", "1035394");
Line Deleted : user_pref("CT2642707.clientLogIsEnabled", false);
Line Deleted : user_pref("CT2642707.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2642707.myStuffEnabled", true);
Line Deleted : user_pref("CT2642707.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2642707.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2642707.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2642707.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2642707.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2878731..clientLogIsEnabled", true);
Line Deleted : user_pref("CT2878731..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2878731..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2878731.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2878731.CT2878736.CommunityChanged", true);
Line Deleted : user_pref("CT2878731.CT2878740.CommunityChanged", true);
Line Deleted : user_pref("CT2878731.CT2878743.CommunityChanged", true);
Line Deleted : user_pref("CT2878731.CT2878746.CommunityChanged", true);
Line Deleted : user_pref("CT2878731.CT2878751.CommunityChanged", true);
Line Deleted : user_pref("CT2878731.CT2878754.CommunityChanged", true);
Line Deleted : user_pref("CT2878731.CT2878761.CommunityChanged", true);
Line Deleted : user_pref("CT2878731.CTID", "ct2878731");
Line Deleted : user_pref("CT2878731.CommunitiesChangesLastCheckTime", "Sun Feb 06 2011 22:17:09 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.CommunityChanged", true);
Line Deleted : user_pref("CT2878731.CurrentServerDate", "7-2-2011");
Line Deleted : user_pref("CT2878731.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2878731.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2878731.FirstServerDate", "8-1-2011");
Line Deleted : user_pref("CT2878731.FirstTime", true);
Line Deleted : user_pref("CT2878731.FirstTimeFF3", true);
Line Deleted : user_pref("CT2878731.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2878731.GroupingLastCheckTime", "Sun Feb 06 2011 22:17:02 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.GroupingLastErrorCode", "");
Line Deleted : user_pref("CT2878731.GroupingLastResponse", false);
Line Deleted : user_pref("CT2878731.GroupingLastServerUpdateTime", "129387802624070000");
Line Deleted : user_pref("CT2878731.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2878731.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2878731.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2878731.Initialize", true);
Line Deleted : user_pref("CT2878731.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2878731.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2878731.InstallationId", "IncrediMail_MediaBar_4.exe");
Line Deleted : user_pref("CT2878731.InstallationType", "ConduitIntegration");
Line Deleted : user_pref("CT2878731.InstalledDate", "Sat Jan 08 2011 08:15:03 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.IsGrouping", true);
Line Deleted : user_pref("CT2878731.IsMulticommunity", false);
Line Deleted : user_pref("CT2878731.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT2878731.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2878731.LanguagePackLastCheckTime", "Sat Jan 08 2011 08:15:06 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2878731.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2878731.LastLogin_3.2.5.2", "Sun Feb 06 2011 22:17:14 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.LatestVersion", "3.2.5.2");
Line Deleted : user_pref("CT2878731.Locale", "en");
Line Deleted : user_pref("CT2878731.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2878731.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2878731.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2878731.RadioIsPodcast", false);
Line Deleted : user_pref("CT2878731.RadioMediaID", "9962");
Line Deleted : user_pref("CT2878731.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT2878731.RadioMenuSelectedID", "EBRadioMenu_CT28787319962");
Line Deleted : user_pref("CT2878731.RadioStationName", "California%20Rock");
Line Deleted : user_pref("CT2878731.RadioStationURL", "hxxp://feedlive.net/california.asx");
Line Deleted : user_pref("CT2878731.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2878731.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2878731&q=");
Line Deleted : user_pref("CT2878731.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2878731.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2878731.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2878731.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2878731.ServiceMapLastCheckTime", "Sun Feb 06 2011 22:17:11 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.SettingsLastCheckTime", "Sat Jan 08 2011 08:14:58 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.SettingsLastUpdate", "1294299462");
Line Deleted : user_pref("CT2878731.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2878731.ThirdPartyComponentsLastCheck", "Sat Jan 08 2011 08:14:58 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT2878731.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Deleted : user_pref("CT2878731.UserID", "UN31067470497287730");
Line Deleted : user_pref("CT2878731.WeatherNetwork", "");
Line Deleted : user_pref("CT2878731.WeatherPollDate", "Sun Feb 06 2011 22:47:22 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.WeatherUnit", "C");
Line Deleted : user_pref("CT2878731.ct2878731.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2878731.ct2878731.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT2878731.ct2878731.GroupingLastCheckTime", "Sun Feb 06 2011 22:17:09 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.ct2878731.GroupingLastErrorCode", "");
Line Deleted : user_pref("CT2878731.ct2878731.GroupingLastResponse", false);
Line Deleted : user_pref("CT2878731.ct2878731.GroupingLastServerUpdateTime", "129387802624070000");
Line Deleted : user_pref("CT2878731.ct2878731.InvalidateCache", false);
Line Deleted : user_pref("CT2878731.ct2878731.LanguagePackLastCheckTime", "Sun Feb 06 2011 22:17:13 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.ct2878731.Locale", "en");
Line Deleted : user_pref("CT2878731.ct2878731.RadioLastCheckTime", "Sun Feb 06 2011 22:17:18 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.ct2878731.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT2878731.ct2878731.RadioLastUpdateServer", "3");
Line Deleted : user_pref("CT2878731.ct2878731.SearchInNewTabLastCheckTime", "Sun Feb 06 2011 22:17:11 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.ct2878731.SettingsLastCheckTime", "Sun Feb 06 2011 22:17:02 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.ct2878731.SettingsLastUpdate", "1297007872");
Line Deleted : user_pref("CT2878731.ct2878731.ThirdPartyComponentsLastCheck", "Sun Feb 06 2011 22:17:01 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.ct2878731.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT2878731.ct2878731.toolbarAppMetaDataLastCheckTime", "Sun Feb 06 2011 22:17:13 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.ct2878731.toolbarContextMenuLastCheckTime", "Sat Jan 08 2011 08:15:16 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.myStuffEnabled", true);
Line Deleted : user_pref("CT2878731.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2878731.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2878731.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2878731.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2878731.testingCtid", "");
Line Deleted : user_pref("CT2878731.toolbarAppMetaDataLastCheckTime", "Sat Jan 08 2011 08:15:16 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT2878731.toolbarContextMenuLastCheckTime", "Sat Jan 08 2011 08:15:16 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261..clientLogIsEnabled", false);
Line Deleted : user_pref("CT3015261..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT3015261..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT3015261.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT3015261.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT3015261.AppTrackingLastCheckTime", "Fri Jul 13 2012 16:27:02 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.BrowserCompStateIsOpen_129958911685785597", true);
Line Deleted : user_pref("CT3015261.BrowserCompStateIsOpen_1367165901000", true);
Line Deleted : user_pref("CT3015261.CT3015261", "CT3015261");
Line Deleted : user_pref("CT3015261.CurrentServerDate", "15-10-2013");
Line Deleted : user_pref("CT3015261.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT3015261.DialogsGetterLastCheckTime", "Tue Oct 15 2013 10:58:16 GMT-0600 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT3015261.EMailNotifierPollDate", "Wed Jul 18 2012 20:07:17 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3015261.FirstServerDate", "2-8-2011");
Line Deleted : user_pref("CT3015261.FirstTime", true);
Line Deleted : user_pref("CT3015261.FirstTimeFF3", true);
Line Deleted : user_pref("CT3015261.FixPageNotFoundErrors", false);
Line Deleted : user_pref("CT3015261.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT3015261.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT3015261.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT3015261.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT3015261.Initialize", true);
Line Deleted : user_pref("CT3015261.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT3015261.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT3015261.InstallationType", "Unknown");
Line Deleted : user_pref("CT3015261.InstalledDate", "Tue Aug 02 2011 10:23:01 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.InvalidateCache", false);
Line Deleted : user_pref("CT3015261.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT3015261.IsGrouping", false);
Line Deleted : user_pref("CT3015261.IsInitSetupIni", true);
Line Deleted : user_pref("CT3015261.IsMulticommunity", false);
Line Deleted : user_pref("CT3015261.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT3015261.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT3015261.IsProtectorsInit", true);
Line Deleted : user_pref("CT3015261.LanguagePackLastCheckTime", "Fri Oct 18 2013 10:58:16 GMT-0600 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT3015261.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT3015261.LastLogin_3.10.0.1", "Tue Apr 17 2012 20:57:18 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.12.0.7", "Tue Apr 24 2012 14:51:19 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.12.2.3", "Wed May 30 2012 21:25:41 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.13.0.6", "Mon Jul 16 2012 09:58:32 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.14.1.0", "Tue Aug 21 2012 15:28:43 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.15.1.0", "Wed Nov 07 2012 10:36:34 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.16.0.3", "Sun Feb 10 2013 16:01:44 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.18.0.7", "Mon Jul 29 2013 22:07:25 GMT-0600 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.19.0.3", "Tue Oct 15 2013 10:58:15 GMT-0600 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.6.0.10", "Fri Sep 30 2011 08:24:28 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.7.0.6", "Thu Nov 17 2011 13:47:16 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.8.0.8", "Wed Dec 07 2011 16:45:19 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.8.1.0", "Sat Jan 28 2012 12:41:21 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.LastLogin_3.9.0.3", "Thu Mar 08 2012 11:03:23 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.LatestVersion", "3.20.0.4");
Line Deleted : user_pref("CT3015261.Locale", "en");
Line Deleted : user_pref("CT3015261.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT3015261.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT3015261.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT3015261.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT3015261.OriginalFirstVersion", "3.6.0.10");
Line Deleted : user_pref("CT3015261.RadioIsPodcast", false);
Line Deleted : user_pref("CT3015261.RadioLastCheckTime", "Wed Jul 18 2012 10:00:01 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT3015261.RadioLastUpdateServer", "0");
Line Deleted : user_pref("CT3015261.RadioMediaID", "7865421");
Line Deleted : user_pref("CT3015261.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT3015261.RadioMenuSelectedID", "EBRadioMenu_CT3015261_RECENT7865421");
Line Deleted : user_pref("CT3015261.RadioShrinkedFromSetup", false);
Line Deleted : user_pref("CT3015261.RadioStationName", "WAMU%2C%2088.5%20FM%2C%20Washington%20DC");
Line Deleted : user_pref("CT3015261.RadioStationURL", "hxxp://wamu.org/streams/live/1/win");
Line Deleted : user_pref("CT3015261.RadioVolume", "18");
Line Deleted : user_pref("CT3015261.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT3015261.SavedHomepage", "hxxps://encrypted.google.com/webhp?client=firefox-a&rls=org.mozilla:en-US:official");
Line Deleted : user_pref("CT3015261.SearchEngineBeforeUnload", "MyStart Search");
Line Deleted : user_pref("CT3015261.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT3015261.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3015261&SearchSource=2&q=");
Line Deleted : user_pref("CT3015261.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT3015261.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT3015261.SearchInNewTabLastCheckTime", "Fri Oct 18 2013 10:58:08 GMT-0600 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT3015261.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT3015261.SearchProtectorEnabled", false);
Line Deleted : user_pref("CT3015261.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT3015261.ServiceMapLastCheckTime", "Fri Oct 18 2013 10:58:08 GMT-0600 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.SettingsLastCheckTime", "Tue Oct 15 2013 10:58:07 GMT-0600 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.SettingsLastUpdate", "1381306403");
Line Deleted : user_pref("CT3015261.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT3015261.ThirdPartyComponentsLastCheck", "Tue Jul 17 2012 10:14:53 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT3015261.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT3015261.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT3015261.UserID", "UN47010554705404406");
Line Deleted : user_pref("CT3015261.ValidationData_Search", 2);
Line Deleted : user_pref("CT3015261.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT3015261.WeatherNetwork", "");
Line Deleted : user_pref("CT3015261.WeatherPollDate", "Wed Jul 18 2012 20:02:19 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.WeatherUnit", "F");
Line Deleted : user_pref("CT3015261.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3015261.alertChannelId", "1406927");
Line Deleted : user_pref("CT3015261.backendstorage.youtube_user_first_login_date", "30382F32312F32303131");
Line Deleted : user_pref("CT3015261.backendstorage.youtube_user_survey_visit", "4E4F545F56495349544544");
Line Deleted : user_pref("CT3015261.components.1000082", true);
Line Deleted : user_pref("CT3015261.components.1000234", true);
Line Deleted : user_pref("CT3015261.enableAlerts", "always");
Line Deleted : user_pref("CT3015261.firstTimeDialogOpened", true);
Line Deleted : user_pref("CT3015261.fixPageNotFoundErrorByUser", "false");
Line Deleted : user_pref("CT3015261.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3015261.fullUserID", "UN47010554705404406.UP.2135");
Line Deleted : user_pref("CT3015261.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
 
AdwCleaner and JRT logs (part 2 of 2)

Line Deleted : user_pref("CT3015261.globalFirstTimeInfoLastCheckTime", "Sun Jul 08 2012 20:32:06 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3015261.initDone", true);
Line Deleted : user_pref("CT3015261.installType", "Unknown");
Line Deleted : user_pref("CT3015261.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT3015261.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3015261.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3015261.isFirstRadioInstallation", false);
Line Deleted : user_pref("CT3015261.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3015261.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT3015261.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3015261.keyword", true);
Line Deleted : user_pref("CT3015261.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3015261&octid=CT3015261&SearchSource=15&CUI=UN47010554705404406&SSPV=&Lay=1&UM=\"}");
Line Deleted : user_pref("CT3015261.lastVersion", "10.20.101.5");
Line Deleted : user_pref("CT3015261.myStuffEnabled", true);
Line Deleted : user_pref("CT3015261.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT3015261.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT3015261.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT3015261.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT3015261.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://CCC004.OurToolbar.com/\",\"EB_TOOLBAR_[...]
Line Deleted : user_pref("CT3015261.oldAppsList", "129506578324945315,129506578325335957,111,129506578326068408,129506578326556709,129506578328734533,1000080,129533670857631562,1000034,129791245798178143,12950657832[...]
Line Deleted : user_pref("CT3015261.originalSearchAddressUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CT3015261.revertSettingsEnabled", false);
Line Deleted : user_pref("CT3015261.search.searchCount", 2);
Line Deleted : user_pref("CT3015261.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT3015261.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3015261.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3015261.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT3015261.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3015261.searchSuggestEnabledByUser", "false");
Line Deleted : user_pref("CT3015261.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3015261.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3015261.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3015261.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3015261\"}");
Line Deleted : user_pref("CT3015261.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://ZoneAlarmSecuritySuite.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3015261.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"ZoneAlarm Security Suite \"}");
Line Deleted : user_pref("CT3015261.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3015261.serviceLayer_services_Configuration_lastUpdate", "1384907893236");
Line Deleted : user_pref("CT3015261.serviceLayer_services_login_10.20.101.5_lastUpdate", "1384907893233");
Line Deleted : user_pref("CT3015261.serviceLayer_services_searchAPI_lastUpdate", "1384889693692");
Line Deleted : user_pref("CT3015261.serviceLayer_services_serviceMap_lastUpdate", "1384889690579");
Line Deleted : user_pref("CT3015261.serviceLayer_services_toolbarSettings_lastUpdate", "1384907893238");
Line Deleted : user_pref("CT3015261.serviceLayer_services_translation_lastUpdate", "1384907893240");
Line Deleted : user_pref("CT3015261.settingsINI", true);
Line Deleted : user_pref("CT3015261.showToolbarPermission", "false");
Line Deleted : user_pref("CT3015261.smartbar.CTID", "CT3015261");
Line Deleted : user_pref("CT3015261.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3015261.smartbar.toolbarName", "ZoneAlarm Security Suite ");
Line Deleted : user_pref("CT3015261.testingCtid", "");
Line Deleted : user_pref("CT3015261.toolbarAppMetaDataLastCheckTime", "Fri Oct 18 2013 10:58:08 GMT-0600 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.toolbarBornServerTime", "2-8-2011");
Line Deleted : user_pref("CT3015261.toolbarContextMenuLastCheckTime", "Mon Jul 16 2012 09:58:32 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CT3015261.toolbarCurrentServerTime", "19-11-2013");
Line Deleted : user_pref("CT3015261.toolbarLoginClientTime", "Tue Nov 19 2013 17:38:12 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("CT3015261.upgradeFromOBVersion", true);
Line Deleted : user_pref("CT3015261.usagesFlag", 2);
Line Deleted : user_pref("CT3015261.youtube_user_first_login_date.from_oldbar.enc", "MDgvMjEvMjAxMQ==");
Line Deleted : user_pref("CT3015261.youtube_user_survey_visit.from_oldbar.enc", "Tk9UX1ZJU0lURUQ=");
Line Deleted : user_pref("CT3015261_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1384907889695,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3015261&SearchSource=13");
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "ZoneAlarm Security Suite Customized Web Search");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3015261/CT3015261", "\"e20eab1696076daffef5cba7672dd5983\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1035394/1031105/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270698/1266370/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270703/1266375/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270707/1266379/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270710/1266382/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270713/1266385/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270718/1266390/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270721/1266393/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1270727/1266399/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1406927/1402585/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2878731", "\"1292753069\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3015261", "\"1367217955\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2878731", "\"1292753069\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=EB_LOCALE", "L+tncv4eqt6Qm5T3dzChdA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=EB_LOCALE", "poKjTfHs0NrVUIalKI8jyg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "mfQ70fvlD2zuBxSBj8rQqA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=EB_LOCALE", "QmycQXJXVyFVAzIiNllWhQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "k9un27OkAvkwB2ZmvXxTnA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=EB_LOCALE", "t6SQZ7j9WsBHhE8zC0kAEQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "4BgM4MhF/sOgPsDNmIs3Yw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:14f9\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:144a\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:14f1\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:155b\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:15ff\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"23c5489aa686ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"f414eeaa6bece1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"0ee90707f77cc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"6a637346d78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.0.8", "\"6a637346d78ccc1:1254\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.1.0", "\"023d3d3f2c9cc1:12ce\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", "\"801a319dd78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3015261", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634325899280830000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634303635100000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/2011 5:25:10 PM", "634335443890000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/17/2011 12:59:49 PM", "634339976460000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/2011 6:54:06 PM", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT3015261&octid=CT3015261", "\"1321893810\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2878731/CT2878731", "\"1294299462\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/ct2878731/CT2878731", "\"1297007872\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/61/301/CT3015261/Images/634084960850172500.png", "\"42eee7aac1eaca1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"634492029952000000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"2d87e72a099b1428cae19f08d2b5e786\"");
Line Deleted : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Line Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2878731");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{90eee664-34b1-422a-a782-779af65cdf6d}");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "incredimail_mediabar_4");
Line Deleted : user_pref("CommunityToolbar.IsEngineShown", false);
Line Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Dana\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\mlwj5sce.default\\conduitCommon\\modules\\3.14.1.0");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2878731");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{90eee664-34b1-422a-a782-779af65cdf6d}");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "incredimail_mediabar_4");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2642707,CT2878731,ConduitEngine,CT3015261");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2642707,CT2878731,CT3015261");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3015261");
Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Jun 03 2011 15:54:54 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Jun 24 2011 12:18:02 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Jun 24 2011 17:38:33 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "{cb72ebb3-e315-40ed-bf55-4f68d0ff03df}");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Apr 16 2012 21:07:59 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "714612f7-65bf-4ca8-ae41-b6bb936c3585");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3015261");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Jul 18 2012 20:02:19 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Jul 18 2012 15:25:15 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Jul 18 2012 15:25:06 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "2a19a1ea-492f-4567-85cc-363f4e0477d8");
Line Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat Jun 18 2011 14:18:57 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Mar 26 2011 16:56:35 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("ConduitEngine.FirstServerDate", "02/08/2011 18");
Line Deleted : user_pref("ConduitEngine.FirstTime", true);
Line Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Line Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line Deleted : user_pref("ConduitEngine.Initialize", true);
Line Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line Deleted : user_pref("ConduitEngine.InstalledDate", "Tue Feb 08 2011 08:30:09 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Line Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Line Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Mar 28 2011 20:03:25 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Mon Mar 07 2011 09:51:17 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Mon Mar 28 2011 20:03:24 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Mar 28 2011 20:03:25 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("ConduitEngine.UserID", "UN07412012110148902");
Line Deleted : user_pref("ConduitEngine.engineLocale", "en-US");
Line Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Mar 28 2011 20:03:25 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Mar 28 2011 20:03:24 GMT-0600 (Mountain Daylight Time)");
Line Deleted : user_pref("ConduitEngine.initDone", true);
Line Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3015261");
Line Deleted : user_pref("browser.newtab.url", "hxxp://www.dosearches.com/newtab/?utm_source=b&utm_medium=tugs&utm_campaign=ST500DM002-1BD142_W2AC2RGF&utm_content=nt&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=13840[...]
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "ZoneAlarm Security Suite Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3015261&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.search.order.1", "Mysearchdial");
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtC[...]
Line Deleted : user_pref("extensions.crossrider.bic", "13cc6c4c47eba88721f16932852328e6");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationThankYouPage", true);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationTime", 1360543829);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationUserSettings.searchUserConifrmation", false);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationUserSettings.setHomepage", false);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationUserSettings.setNewTab", false);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.InstallationUserSettings.setSearch", false);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.active", true);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.addressbar", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.addressbarenhanced", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.backgroundjs", "\n\n//\n");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.backgroundver", 38);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.can_run_bg_code", true);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.certdomaininstaller", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.changeprevious", false);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.InstallationTime.value", "1360543829");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_aoi.value", "1360543829");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_arbitrary_code.expiration", "Tue Nov 19 2013 12:39:51 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_arbitrary_code.value", "%22%28function%28%29%7B_GPL_PLUGIN.st%3D%7B%5C%2274052%26pid%3D1269%5C%22%3A%7Bs%3A%5B%5C%2274052%26pid%3D1695%5C%22%[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_blocklist.expiration", "Tue Nov 19 2013 12:39:51 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_blocklist.value", "%22bing.com%2Cfacebook.com%2Cnonexistantdomain.com%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_cf_bu1.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_cf_bu1.value", "1361207894");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_country_code.expiration", "Tue Nov 26 2013 12:34:50 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_country_code.value", "%22US%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_crr.value", "1384052597");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_currenttime.value", "%221383332211%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_hotfix20111102645.value", "%221%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_delay.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_delay.value", "24");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_disclosure.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_disclosure.value", "1368378137");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_list.expiration", "Tue Nov 19 2013 18:34:53 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_list.value", "%7B%22f7610cf2b37067876b694a05c56f32e2%22%3A%7B%22p%22%3A%22/%22%7D%2C%22d763717b4b2e0a17a877cc642fb80ee4%22%3A%7B%22p%22%3A[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_list_temp.expiration", "Tue Nov 19 2013 12:44:51 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_ib_list_temp.value", "1384889691.048");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%22100086%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%22100086%26subid%3D%26pid%3D1322%2[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_installtime.value", "%221360453528%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_parent_zoneid.value", "%2214019%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_pc_20120828.value", "1360544726247");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_product_id.value", "%221175%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie._GPL_zoneid.value", "%22142034%22");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.cookie.dbtest.value", "1360544711778");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.description", "Coupon Companion");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.domain", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.enablesearch", false);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.fbremoteurl", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.group", 0);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.homepage", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.iframe", false);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%2244E9D12F4AB44D84BFCEB7FCC55414C7IE%22%2C%22installer_verifier%22%3A%229b5a24affd9b75[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_appVer.value", "54");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_lastVersion.value", "1");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_meta.value", "%7B%7D");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_nextCheck.expiration", "Tue Nov 19 2013 18:34:50 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_nextCheck.value", "true");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_queue.value", "%7B%7D");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.SoftwareDetected.expiration", "Fri Feb 01 2030 00:00:00 GMT-0700 (Mountain Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%22%3Afalse%2C%22Wireshark%22%3Afalse%2C%22VirtualBox%22%3Afalse%2C%22VMWare%22%3Afalse%2C%22Inside[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1175,baseCDN:\"couponcp-a.akamaihd.net[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.manifesturl", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.name", "Coupon Companion Plugin");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.newtab", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.opensearch", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return appAPI.appID;}}};$jquery.ex[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1.name", "base");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1.ver", 6);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(b){if(void 0===this||null===this)throw new TypeError;var c=Obje[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000014.ver", 15);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},rules:{},started:!1,allowed:!1,log:function(b){console.log(b)},factor[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000015.name", "GPL Background (BG)");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_1000015.ver", 39);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection();}else{if(document.g[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_13.name", "CrossriderAppUtils");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_13.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined\"&&typeof window.navigat[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_14.name", "CrossriderUtils");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_14.ver", 5);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&ty[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_16.name", "FFAppAPIWrapper");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_16.ver", 9);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\n * Copyright 2010, Joh[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_17.name", "jQuery");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_17.ver", 4);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_21.name", "debug");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_21.ver", 4);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.queue.push(b);}};appAPI.ready=function(c,b){a.when.apply(n[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_22.name", "resources");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_22.ver", 4);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.exte[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_28.name", "initializer");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_28.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jquery = null;\n\nif (document && typeof document.getElementById !== \"undefined\") {\n\n/*! jQuery [...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_4.name", "jquery_1_7_1");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_4.ver", 4);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_47.name", "resources_background");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_47.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);};var b=function(j){return[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_64.name", "appApiMessage");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_64.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var k={};var f=appAPI.appInfo.name;var l=function(s,r,t){var q=\"[[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_72.name", "appApiValidation");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_72.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefined\"&&typeof navigator.userAgent!==\"undefined\"){(func[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_78.name", "CrossriderInfo");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_78.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=function(){var d=function(g){if(g===true){unsafeWindow.appAPI=[...]
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_98.name", "omniCommands");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins.plugin_98.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,1000015");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,1000014,28");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/21804/plugins/088/ff/plugins.json");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.pluginsversion", 51);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.publisher", "Innovative Apps");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.searchstatus", 0);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.setnewtab", false);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.settingsurl", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.thankyou", "");
Line Deleted : user_pref("extensions.crossriderapp21804.21804.updateinterval", 360);
Line Deleted : user_pref("extensions.crossriderapp21804.21804.ver", 54);
Line Deleted : user_pref("extensions.crossriderapp21804.adsOldValue", -1);
Line Deleted : user_pref("extensions.crossriderapp21804.apps", "21804");
Line Deleted : user_pref("extensions.crossriderapp21804.bic", "13cc6c4c47eba88721f16932852328e6");
Line Deleted : user_pref("extensions.crossriderapp21804.cid", 21804);
Line Deleted : user_pref("extensions.crossriderapp21804.firstrun", false);
Line Deleted : user_pref("extensions.crossriderapp21804.hadappinstalled", true);
Line Deleted : user_pref("extensions.crossriderapp21804.installationdate", 1360544450);
Line Deleted : user_pref("extensions.crossriderapp21804.lastcheck", 23081495);
Line Deleted : user_pref("extensions.crossriderapp21804.lastcheckitem", 23081495);
Line Deleted : user_pref("extensions.crossriderapp21804.modetype", "production");
Line Deleted : user_pref("extensions.crossriderapp21804.reportInstall", true);
Line Deleted : user_pref("extensions.crossriderapp21804.updating", true);
Line Deleted : user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.1,{89736E8E-4B14-4042-8C75-AD00B6BD3900}:1.0.5,{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18,jqs@sun.com:1.0,hxxps-everyw[...]
Line Deleted : user_pref("extensions.mysearchdial.aflt", "irmsd103");
Line Deleted : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Line Deleted : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1H1B1QtCtDtA");
Line Deleted : user_pref("extensions.mysearchdial.cntry", "US");
Line Deleted : user_pref("extensions.mysearchdial.cr", "567981372");
Line Deleted : user_pref("extensions.mysearchdial.dfltLng", "");
Line Deleted : user_pref("extensions.mysearchdial.dfltSrch", true);
Line Deleted : user_pref("extensions.mysearchdial.dnsErr", true);
Line Deleted : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
Line Deleted : user_pref("extensions.mysearchdial.dspFFXOld", "dosearches");
Line Deleted : user_pref("extensions.mysearchdial.excTlbr", false);
Line Deleted : user_pref("extensions.mysearchdial.hdrMd5", "C7ADB1E6B91217ADB0D130634A39B981");
Line Deleted : user_pref("extensions.mysearchdial.hmpg", true);
Line Deleted : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1C1[...]
Line Deleted : user_pref("extensions.mysearchdial.hpFFXOld", "hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=hp&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503");
Line Deleted : user_pref("extensions.mysearchdial.id", "E840F2E0F4FD5E8F");
Line Deleted : user_pref("extensions.mysearchdial.instlDay", "16018");
Line Deleted : user_pref("extensions.mysearchdial.instlRef", "");
Line Deleted : user_pref("extensions.mysearchdial.lastB", "hxxp://www.dosearches.com/?utm_source=b&utm_medium=tugs&utm_campaign=rg&utm_content=hp&from=tugs&uid=ST500DM002-1BD142_W2AC2RGF&ts=1384049503");
Line Deleted : user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.21.019:1:37");
Line Deleted : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1L1[...]
Line Deleted : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"81\",\"lastVrsn\":\"81\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Line Deleted : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.sg", "none");
Line Deleted : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.tlbrId", "base");
Line Deleted : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=irmsd103&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0EtD0FyE0F0DyD0Ezz0FtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu1[...]
Line Deleted : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
Line Deleted : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
Line Deleted : user_pref("extensions.mysearchdial_i.hmpg", true);
Line Deleted : user_pref("extensions.mysearchdial_i.newTab", false);
Line Deleted : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Line Deleted : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.019:1:37");
Line Deleted : user_pref("iminent.webbooster.scripts.minibar.enabledAds", "false");
Line Deleted : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent101", "1361514030577");
Line Deleted : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1367005151201");
Line Deleted : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1371882045716");
Line Deleted : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent110", "1362114923286");
Line Deleted : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1371882045724");
Line Deleted : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent112", "1363722747186");
Line Deleted : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1371882045733");
Line Deleted : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1363628684694");
Line Deleted : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent140", "1365296279546");
Line Deleted : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1367478403185");
Line Deleted : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1371881544091");
Line Deleted : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent110", "1365182017303");
Line Deleted : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1371881544104");
Line Deleted : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1371881551998");
Line Deleted : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1371881544114");
Line Deleted : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent134", "1366388102733");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3015261&SearchSource=2&CUI=UN47010554705404406&UM=&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3015261");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3015261&SearchSource=13");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3015261&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3015261&SearchSource=2&CU[...]
Line Deleted : user_pref("smartbar.machineId", "LLKOQ1RTZOXO7Y2MI5D6J6S9ZLVKPYQS+QBUYUA/FDTVEJ1STQZYMIGUOF6UV/Z9BNHQDHKSHFFTJ6BCXFV0RA");

-\\ Google Chrome v

[ File : C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [98047 octets] - [26/11/2013 11:28:45]
AdwCleaner[R1].txt - [98108 octets] - [26/11/2013 13:58:20]
AdwCleaner[R2].txt - [98169 octets] - [26/11/2013 14:34:44]
AdwCleaner[S0].txt - [97503 octets] - [26/11/2013 14:41:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [97564 octets] ##########


JRT log file

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Dana on Tue 11/26/2013 at 15:03:38.23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3E6AE1CD-3E17-4CCC-ABB7-CB1C7AF48273}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{3E6AE1CD-3E17-4CCC-ABB7-CB1C7AF48273}



~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\driverupdate startup.job"
Successfully deleted: [File] C:\Windows\syswow64\sho1897.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA88F.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEFBA.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\Dana\appdata\local\updater21804"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [Folder] C:\Users\Dana\AppData\Roaming\mozilla\firefox\profiles\mlwj5sce.default\extensions\extension21804@extension21804.com
Emptied folder: C:\Users\Dana\AppData\Roaming\mozilla\firefox\profiles\mlwj5sce.default\minidumps [38 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/26/2013 at 15:26:00.82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
:bigthumb:

Please download Malwarebytes from Here or Here

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
    MBAMCapture.jpg
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected .
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please
 
MBAM log

already had MBAM on desktop, but downloaded MBAM from link you provided
Installed, Updated, Ran 'Quick Scan'

MBAM log file

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.26.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Dana :: DANA-HP [administrator]

Protection: Disabled

11/26/2013 4:53:33 PM
mbam-log-2013-11-26 (16-53-33).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 208268
Time elapsed: 9 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 
Lookin' good now

The start pages of all 3 browsers (Chrome, IE and FF) do not use that page now (THANKS! :) )
Restarted desktop to be sure it didn't come back (had to wait for many updates to download and install)
The DOSEARCHES page did not appear.
 
Good,

Run this scanner and post the log and lets check for any leftovers that may have to be removed

OTL by OldTimer
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Click the "Scan All Users" checkbox.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
      Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
 
OTL logs (part 1 of 2)

OTL.txt file (part 1 of 2)

OTL logfile created on: 11/27/2013 12:44:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dana\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 50.05% Memory free
7.20 Gb Paging File | 4.64 Gb Available in Paging File | 64.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449.07 Gb Total Space | 376.89 Gb Free Space | 83.93% Space Free | Partition Type: NTFS
Drive D: | 16.59 Gb Total Space | 2.07 Gb Free Space | 12.49% Space Free | Partition Type: NTFS

Computer Name: DANA-HP | User Name: Dana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Dana\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Check Point Software Technologies, Ltd.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (Nuance Communications, Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\MSGTAG\MSGTAG.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Users\Dana\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Dana\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
MOD - C:\Users\Dana\AppData\Local\Google\Chrome\Application\31.0.1650.57\libglesv2.dll ()
MOD - C:\Users\Dana\AppData\Local\Google\Chrome\Application\31.0.1650.57\libegl.dll ()
MOD - C:\Users\Dana\AppData\Local\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\51ffeacb880d9c15fecc1c74f83e8973\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\60608b811724b2711cb96817043c4dd8\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\7a2dfdf44f0610b43e65f28a1448f110\ReachFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\10ef07233e429503b5bc942aa6194fe8\System.Runtime.DurableInstancing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e40d894a772b2cff5ffd5a84ef20d2d4\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\af7d7a2e47e0ac57b4f0fe5e0c1cda9a\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\MSGTAG\MSGTAG.exe ()
MOD - C:\Program Files (x86)\ScanSoft\PaperPort\Blicectr.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (HPAuto) -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe (Hewlett-Packard)
SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (vsmon) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (ZAPrivacyService) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Check Point Software Technologies, Ltd.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (DragonSvc) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (Nuance Communications, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (CalendarSynchService) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe (Hewlett-Packard)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\drivers\SWDUMon.sys ()
DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab ZAO)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{1D6808BD-DAF3-DF00-070D-50C3E42B2DB4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{3E6AE1CD-3E17-4CCC-ABB7-CB1C7AF48273}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{78286A4E-F424-DB7B-90A3-4348E72C120F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com
IE - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\..\SearchScopes,DefaultScope = {68866E83-D49C-4EB9-9C6F-6CBA1C047602}
IE - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\..\SearchScopes\{1D6808BD-DAF3-DF00-070D-50C3E42B2DB4}: "URL" = http://search.zonealarm.com/search?src=sp&tbid=goughGA&Lan=en&q={searchTerms}&gu=a8173ec17d69495397e8888238e70ea4&tu=10GXz00Aw2C01g0&sku=&tstsId=&ver=&&r=941
IE - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\..\SearchScopes\{68866E83-D49C-4EB9-9C6F-6CBA1C047602}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
IE - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B00F0643E-B367-4779-B45D-7046EBA37A88%7D:13.0.1.9979
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.9.618
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40zonealarm.com:1.6.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\nuance.com/DragonRIAPlugin: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dana\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dana\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00F0643E-B367-4779-B45D-7046EBA37A88}: C:\Program Files (x86)\Steganos Password Manager 2012\spmplugin3 [2012/07/16 20:47:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012/07/18 20:54:16 | 000,136,026 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/09 20:48:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/10/13 06:12:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/09 20:48:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/07/14 08:47:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Extensions
[2013/11/26 15:23:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\extensions
[2012/07/16 19:42:32 | 000,000,000 | ---D | M] ("TinyUrl Creator") -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\extensions\{89736E8E-4B14-4042-8C75-AD00B6BD3900}
[2013/07/30 16:22:43 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\extensions\donottrackplus@abine.com
[2013/11/09 20:02:53 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\extensions\ffxtlbr@zonealarm.com
[2013/10/15 10:02:20 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\extensions\https-everywhere@eff.org
[2013/11/07 13:47:32 | 000,007,817 | ---- | M] () (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\extensions\firefox@batbrowse.com.xpi
[2012/02/17 09:26:04 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/03/21 00:15:42 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\extensions\ffxtlbr@zonealarm.com\content\Abine\chrome\content\ff\view_expiry.js
[2010/03/30 21:48:32 | 000,005,500 | ---- | M] () -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\searchplugins\foodtv.xml
[2008/06/21 15:49:50 | 000,000,908 | ---- | M] () -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\searchplugins\IMDB.xml
[2008/06/21 15:49:50 | 000,001,108 | ---- | M] () -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\mlwj5sce.default\searchplugins\wikipedia.xml
[2013/11/26 14:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/11/09 20:48:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/09 20:50:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/26 19:05:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2013/11/26 19:05:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013/11/26 19:05:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/07/16 20:47:38 | 000,000,000 | ---D | M] (Steganos Password Manager) -- C:\PROGRAM FILES (X86)\STEGANOS PASSWORD MANAGER 2012\SPMPLUGIN3

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dana\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dana\AppData\Local\Google\Chrome\Application\31.0.1650.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dana\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dana\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.5.11_0\npcoplgn.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Dana\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Dragon NaturallySpeaking Rich Internet Application Support = C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn\1.0_0\
CHR - Extension: Google Wallet = C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

O1 HOSTS File: ([2013/11/11 18:38:05 | 000,449,836 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15467 more lines...
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll (Check Point Software Technologies LTD)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Dragon NaturallySpeaking Rich Internet Application Support - Extension) - {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieshim.dll (Nuance Communications, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll (Check Point Software Technologies LTD)
O3 - HKLM\..\Toolbar: (Steganos Password Manager Toolbar) - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 2012\SPMIEToolbar.dll (Steganos Software GmbH)
O3 - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\..\Toolbar\WebBrowser: (Steganos Password Manager Toolbar) - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Password Manager 2012\SPMIEToolbar.dll (Steganos Software GmbH)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE (Corel Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Update 5300C] C:\Program Files (x86)\Hewlett-Packard\HP PrecisionScan\PrecisionScan\update.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-899990179-4107465522-2500062467-1001..\Run: [MSGTAG] C:\Program Files (x86)\MSGTAG\MSGTAG.exe ()
O4 - HKU\S-1-5-21-899990179-4107465522-2500062467-1001..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk.disabled ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriver.com/DRHM/sto...sPage&SiteID=hpappli&Locale=en_US&keywords=%w
O7 - HKU\S-1-5-21-899990179-4107465522-2500062467-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O8:64bit: - Extra context menu item: Copy to &Lightning Note - c:\Program Files (x86)\Corel\WordPerfect Lightning\Programs\WPLightningCopyToNote.hta ()
O8:64bit: - Extra context menu item: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta ()
O8 - Extra context menu item: Copy to &Lightning Note - c:\Program Files (x86)\Corel\WordPerfect Lightning\Programs\WPLightningCopyToNote.hta ()
O8 - Extra context menu item: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta ()
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Steganos Password Manager - {024538B9-3F39-49FF-9503-975F743210FA} - C:\Program Files (x86)\Steganos Password Manager 2012\SPMIEToolbar.dll (Steganos Software GmbH)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CB20EBE-68F5-4056-9AEB-9486E27E68D3}: DhcpNameServer = 192.168.0.1 205.171.3.25
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/27 12:41:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dana\Desktop\OTL.exe
[2013/11/26 17:39:59 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013/11/26 17:35:25 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/26 17:35:25 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/26 17:35:17 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/26 17:35:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/26 17:35:17 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/26 17:35:17 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/26 17:35:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/26 17:35:17 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/26 17:35:16 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/26 17:35:16 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/26 17:35:16 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/26 17:35:16 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/26 17:35:16 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/26 17:35:16 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/26 17:35:16 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/26 17:35:16 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/26 17:35:16 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/26 17:35:16 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/26 17:35:16 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/26 17:35:16 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/26 17:35:16 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/26 17:35:16 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/26 17:35:16 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/26 17:35:16 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/26 17:35:16 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/26 17:35:16 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/26 17:35:16 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/26 17:35:16 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/26 17:35:16 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/26 17:35:16 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/26 17:35:16 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/26 17:35:16 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/26 17:35:16 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/26 17:35:16 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/26 17:35:16 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/26 17:35:16 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/26 17:35:16 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/26 17:35:16 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/26 17:35:16 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/26 17:35:16 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/26 17:35:16 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/26 17:35:16 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/26 17:35:16 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/26 17:35:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/26 17:35:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/26 17:35:16 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/11/26 17:35:16 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/26 17:35:16 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/11/26 17:35:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/11/26 17:35:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/26 17:35:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/11/26 17:35:16 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/11/26 17:35:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/11/26 17:35:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/11/26 17:35:16 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/26 17:35:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/26 17:35:16 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/26 17:35:16 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/11/26 17:35:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/11/26 17:35:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/11/26 17:35:15 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/26 17:35:15 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/26 17:35:15 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/26 17:35:15 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/26 17:35:15 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/26 17:35:15 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/26 17:35:15 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/26 17:35:15 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/26 17:35:15 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/26 17:35:15 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/26 17:35:15 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/26 17:35:15 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/26 17:35:15 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/26 17:35:15 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/26 17:35:15 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/11/26 17:35:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/11/26 17:35:15 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/11/26 17:35:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/11/26 17:35:15 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/11/26 17:35:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/11/26 15:03:33 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/26 15:00:41 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\Dana\Desktop\JRT.exe
[2013/11/26 14:49:24 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/11/26 14:48:56 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/11/26 14:48:55 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/11/26 14:48:54 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/11/26 14:48:54 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/11/26 14:48:54 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/11/26 14:48:18 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/11/26 14:48:17 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/11/26 14:48:17 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/11/26 14:48:17 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/11/26 14:48:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/11/26 14:47:43 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/11/26 14:47:41 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/11/26 14:47:41 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/11/26 14:47:41 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/11/26 14:47:41 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/11/26 11:25:04 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/20 17:26:21 | 000,000,000 | ---D | C] -- C:\Users\Dana\Desktop\try 01
[2013/11/20 02:00:10 | 000,000,000 | R--D | C] -- C:\Users\Dana\Desktop\2013-11-20
[2013/11/19 18:46:26 | 000,000,000 | ---D | C] -- C:\Users\Dana\AppData\Local\VS Revo Group
[2013/11/19 18:46:17 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2013/11/19 18:46:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013/11/19 18:46:16 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2013/11/19 18:46:13 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/11/19 17:50:46 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Dana\Desktop\aswMBR.exe
[2013/11/19 17:40:51 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Dana\Desktop\dds.scr
[2013/11/19 17:40:01 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013/11/19 17:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013/11/19 17:39:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013/11/19 17:37:41 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Dana\Desktop\erunt-setup.exe
[2013/11/19 15:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/19 15:06:53 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/11/19 15:06:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/11/11 19:05:37 | 000,000,000 | ---D | C] -- C:\Users\Dana\AppData\Local\DoNotTrackPlus
[2013/11/10 12:25:25 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/11/10 12:25:25 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/11/09 20:48:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/09 19:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller
[2013/11/09 19:17:22 | 000,000,000 | ---D | C] -- C:\Users\Dana\AppData\Roaming\OpenWebKitSharp Strings
[2013/11/09 19:02:19 | 000,000,000 | ---D | C] -- C:\Users\Dana\AppData\Roaming\0D0S1L2Z1P1B
[2013/11/09 09:38:36 | 007,717,984 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2013/11/09 09:38:29 | 000,489,568 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2013/11/09 09:38:28 | 000,090,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2013/11/09 09:36:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2013/11/08 10:04:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
 
OTL logs (part 1.5 of 2)

OTL.txt (part 2 of 2)


========== Files - Modified Within 30 Days ==========

[2013/11/27 12:42:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dana\Desktop\OTL.exe
[2013/11/27 12:22:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-899990179-4107465522-2500062467-1001UA.job
[2013/11/27 12:14:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/26 19:39:10 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDANA-HP$.job
[2013/11/26 18:37:57 | 000,779,724 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/26 18:37:57 | 000,660,520 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/26 18:37:57 | 000,121,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/26 18:36:54 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/26 18:36:54 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/26 18:30:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/26 18:30:05 | 2899,214,336 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/26 17:35:25 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/26 17:35:25 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/11/26 17:35:17 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2013/11/26 17:35:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/26 17:35:17 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/11/26 17:35:17 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/11/26 17:35:17 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/26 17:35:17 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/26 17:35:16 | 005,765,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/26 17:35:16 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/11/26 17:35:16 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/11/26 17:35:16 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2013/11/26 17:35:16 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/11/26 17:35:16 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/11/26 17:35:16 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/11/26 17:35:16 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/11/26 17:35:16 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/11/26 17:35:16 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/26 17:35:16 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/26 17:35:16 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/11/26 17:35:16 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/11/26 17:35:16 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/11/26 17:35:16 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/11/26 17:35:16 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/11/26 17:35:16 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/11/26 17:35:16 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/11/26 17:35:16 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/11/26 17:35:16 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/26 17:35:16 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/11/26 17:35:16 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/11/26 17:35:16 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/11/26 17:35:16 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/11/26 17:35:16 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/11/26 17:35:16 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/11/26 17:35:16 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/11/26 17:35:16 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/11/26 17:35:16 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/26 17:35:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/11/26 17:35:16 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/26 17:35:16 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/26 17:35:16 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/11/26 17:35:16 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/11/26 17:35:16 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/11/26 17:35:16 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/11/26 17:35:16 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/11/26 17:35:16 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/11/26 17:35:16 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/26 17:35:16 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/11/26 17:35:16 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2013/11/26 17:35:16 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/26 17:35:16 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/11/26 17:35:16 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2013/11/26 17:35:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/11/26 17:35:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/11/26 17:35:16 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/26 17:35:16 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/26 17:35:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/26 17:35:16 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/11/26 17:35:16 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/26 17:35:16 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/26 17:35:16 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/11/26 17:35:16 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/11/26 17:35:15 | 001,993,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/11/26 17:35:15 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/11/26 17:35:15 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/26 17:35:15 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/26 17:35:15 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/11/26 17:35:15 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/11/26 17:35:15 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/11/26 17:35:15 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/11/26 17:35:15 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/11/26 17:35:15 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/11/26 17:35:15 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/11/26 17:35:15 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/11/26 17:35:15 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/11/26 17:35:15 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2013/11/26 17:35:15 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/11/26 17:35:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/11/26 17:35:15 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/11/26 17:35:15 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/11/26 17:35:15 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/11/26 17:35:15 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/11/26 17:31:45 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/11/26 16:51:51 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/26 15:36:16 | 000,002,362 | ---- | M] () -- C:\Users\Dana\Desktop\Google Chrome.lnk
[2013/11/26 15:00:46 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\Dana\Desktop\JRT.exe
[2013/11/26 14:45:53 | 000,016,152 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2013/11/26 14:42:43 | 000,001,166 | ---- | M] () -- C:\Users\Dana\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/26 14:42:42 | 000,001,051 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/11/26 14:28:44 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDana.job
[2013/11/26 11:23:31 | 001,091,882 | ---- | M] () -- C:\Users\Dana\Desktop\AdwCleaner.exe
[2013/11/22 03:29:24 | 000,005,248 | ---- | M] () -- C:\Users\Dana\Desktop\attach.zip
[2013/11/21 19:20:26 | 000,000,512 | ---- | M] () -- C:\Users\Dana\Desktop\MBR.dat
[2013/11/19 18:46:18 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/11/19 17:51:02 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Dana\Desktop\aswMBR.exe
[2013/11/19 17:40:54 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Dana\Desktop\dds.scr
[2013/11/19 17:39:19 | 000,001,106 | ---- | M] () -- C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/11/19 17:39:07 | 000,000,926 | ---- | M] () -- C:\Users\Dana\Desktop\NTREGOPT.lnk
[2013/11/19 17:39:07 | 000,000,907 | ---- | M] () -- C:\Users\Dana\Desktop\ERUNT.lnk
[2013/11/19 17:37:47 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Dana\Desktop\erunt-setup.exe
[2013/11/12 21:40:05 | 000,001,963 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/11/11 18:38:05 | 000,449,836 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/11/11 18:31:05 | 000,449,836 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20131111-183805.backup
[2013/11/11 18:22:04 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-899990179-4107465522-2500062467-1001Core.job
[2013/11/10 10:28:34 | 000,000,932 | ---- | M] () -- C:\Windows\wininit.ini
[2013/11/09 20:02:09 | 000,000,098 | ---- | M] () -- C:\Users\Dana\AppData\Roaming\WB.CFG
[2013/11/09 20:02:09 | 000,000,006 | ---- | M] () -- C:\Users\Dana\AppData\Roaming\WBPU-TTL.DAT
[2013/11/09 09:39:35 | 000,417,569 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2013/11/09 09:36:48 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2013/11/09 02:44:28 | 000,010,089 | -H-- | M] () -- C:\Windows\SysWow64\BTImages.dat
[2013/10/30 20:39:29 | 000,002,112 | ---- | M] () -- C:\Users\Dana\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk

========== Files Created - No Company Name ==========

[2013/11/26 17:35:16 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/26 17:35:16 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/26 11:23:24 | 001,091,882 | ---- | C] () -- C:\Users\Dana\Desktop\AdwCleaner.exe
[2013/11/22 03:29:24 | 000,005,248 | ---- | C] () -- C:\Users\Dana\Desktop\attach.zip
[2013/11/21 19:20:26 | 000,000,512 | ---- | C] () -- C:\Users\Dana\Desktop\MBR.dat
[2013/11/19 18:46:18 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/11/19 17:39:19 | 000,001,106 | ---- | C] () -- C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/11/19 17:39:07 | 000,000,926 | ---- | C] () -- C:\Users\Dana\Desktop\NTREGOPT.lnk
[2013/11/19 17:39:07 | 000,000,907 | ---- | C] () -- C:\Users\Dana\Desktop\ERUNT.lnk
[2013/11/19 15:06:55 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/10 10:28:31 | 000,000,932 | ---- | C] () -- C:\Windows\wininit.ini
[2013/11/09 20:02:09 | 000,000,098 | ---- | C] () -- C:\Users\Dana\AppData\Roaming\WB.CFG
[2013/11/09 20:02:09 | 000,000,006 | ---- | C] () -- C:\Users\Dana\AppData\Roaming\WBPU-TTL.DAT
[2013/08/23 19:44:57 | 000,001,955 | ---- | C] () -- C:\Users\Dana\AppData\Roaming\SAS7_000.DAT
[2013/05/03 01:16:39 | 000,010,089 | -H-- | C] () -- C:\Windows\SysWow64\BTImages.dat
[2013/04/07 10:20:23 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/02/10 18:11:44 | 000,000,090 | ---- | C] () -- C:\Windows\SysWow64\ftm31.dat
[2012/10/27 20:11:14 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012/10/05 11:40:52 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\sh33w32.dll
[2012/10/05 09:54:07 | 000,024,909 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2012/10/05 09:54:07 | 000,000,096 | ---- | C] () -- C:\Windows\calera.ini
[2012/09/22 07:44:47 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012/07/25 16:36:00 | 000,000,171 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/07/24 17:00:29 | 000,000,008 | RHS- | C] () -- C:\ProgramData\F62B172FA5.sys
[2012/07/24 17:00:27 | 000,003,766 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012/07/18 20:18:20 | 000,095,232 | ---- | C] () -- C:\Windows\SysWow64\Lfkodak.dll
[2012/07/18 20:18:19 | 000,306,688 | ---- | C] () -- C:\Windows\SysWow64\Lffpx7.dll
[2012/07/18 20:18:19 | 000,147,715 | ---- | C] () -- C:\Windows\SysWow64\prntfix.exe
[2012/05/16 20:46:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/05/16 20:34:54 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/09 19:02:19 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\0D0S1L2Z1P1B
[2013/05/01 14:09:36 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Check Point Software Technologies LTD
[2013/11/26 14:42:01 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\CheckPoint
[2012/07/16 18:52:53 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Firetrust
[2012/12/12 23:26:04 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Foxit Software
[2012/11/22 20:00:23 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Garmin
[2013/03/25 18:14:41 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Nuance
[2013/11/09 19:17:22 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\OpenWebKitSharp Strings
[2012/10/26 20:27:03 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\SoftGrid Client
[2012/10/04 20:37:46 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Steganos
[2012/07/15 19:57:18 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Thunderbird
[2012/07/24 15:32:52 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\TP
[2012/07/14 18:16:43 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\WinBatch
[2012/07/29 15:51:55 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\YouSendIt

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 234 bytes -> C:\ProgramData\Temp:0FF263E8

< End of report >
 
OTL logs (part 2 of 2)

EXTRAS.txt

OTL Extras logfile created on: 11/27/2013 12:44:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dana\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 50.05% Memory free
7.20 Gb Paging File | 4.64 Gb Available in Paging File | 64.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449.07 Gb Total Space | 376.89 Gb Free Space | 83.93% Space Free | Partition Type: NTFS
Drive D: | 16.59 Gb Total Space | 2.07 Gb Free Space | 12.49% Space Free | Partition Type: NTFS

Computer Name: DANA-HP | User Name: Dana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04567EE2-AAD7-4B9B-AE41-64B50B61202A}" = lport=51001 | protocol=6 | dir=in | name=dragon smart phone server |
"{0F20BB0E-D5F9-4258-976E-00FC0014661D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{30B063EE-7AFB-42FC-AF6F-9E48A0BDC8E4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{327CDE4D-84BD-4F40-AF2D-0C905D6EDFE2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{35FDCD81-A5D7-4FB3-8A37-583A35BFBCE2}" = lport=445 | protocol=6 | dir=in | app=system |
"{37A9FAF9-DC91-42B4-A853-24E6F6EBD850}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3E38964F-BD2C-4878-833B-7849115A9BBF}" = rport=139 | protocol=6 | dir=out | app=system |
"{3FA65540-053B-4A46-9C8F-1A47D9569CA4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{400D6D55-0F4C-471B-B3D5-67F911EE2810}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4D2B99CB-2996-474C-AA7B-7BC04FD64034}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4FB40683-1A66-4D3D-8302-63B1A19ACE1D}" = lport=138 | protocol=17 | dir=in | app=system |
"{63BDF92E-0D68-4B52-B8DA-7BA58FF16E01}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6B0B2E20-B357-4155-A8FC-49B30D34E363}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6D1A2175-6CD4-445B-95CA-E4920CAFFE4A}" = rport=138 | protocol=17 | dir=out | app=system |
"{74351395-167A-41A9-9C7F-E3AC7C24E6E6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7BC8DCF2-6280-4155-B7F9-D012811BCC53}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7E1B003C-D99E-46BC-8A50-DF8F3600E200}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{88C8B219-C233-4C72-B9AC-6FFE0335AAA3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AE9C2DF4-5FC7-4C57-BBF9-621D22DCCF5E}" = rport=137 | protocol=17 | dir=out | app=system |
"{B2D4BB36-FEFF-4602-8E3E-A15F4A69CA81}" = lport=137 | protocol=17 | dir=in | app=system |
"{B355BD99-3431-418F-963E-0AA68B3A12F2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B8C61618-87E1-4D3D-8333-8F62820B68DD}" = lport=139 | protocol=6 | dir=in | app=system |
"{D03FBF44-8550-4BE2-9964-132EB910F9DB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{E2F80BAA-3485-4D72-88BA-36E8318548D7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EE04ABC4-E0D6-4DCA-BBA9-30FD03700F85}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EF0ECBCC-F6AC-4739-98D3-466373719D88}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF406B12-2F13-4092-85D1-AF52E0EA336F}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03958099-88F7-4D4F-9301-3A3AC97414B0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0C0FDB9A-1A96-4C27-B8D8-9202E2DD4F3B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0F8F6DBC-DEDC-441F-A175-6FB1E384787A}" = dir=in | app=c:\program files (x86)\iminent\iminent.messengers.exe |
"{1583F9D5-8BC4-4A3C-A019-4682C52F7818}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{15B441EB-1532-4A49-BDCA-D26F0CCDBCAB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{1697ABD5-83CA-445A-9785-23AF85F54CC2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{28278EF6-384F-43B7-B92F-B242F4AF242C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4D1748EE-79F6-4F8F-9934-9724F772B294}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{51205E03-A871-41B2-BC66-CD18676FF40C}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\roxionow\rnow.exe |
"{577865DD-EC5E-4FC2-B8C4-99DAD5CE1209}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{5B5BCAAD-F749-42E5-9651-D559A1A827F7}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe |
"{5CD3CC99-ACE5-4647-A3F5-980F1D9B764B}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe |
"{5D1DCAFB-0B46-423C-8DF8-5F0F78086B28}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\roxionow\indivdrm.exe |
"{6757F198-FB70-493A-AB1B-4BCEB48BC97D}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe |
"{69007A6F-1E04-49B0-A1FC-C5A1E1205F77}" = protocol=6 | dir=in | app=c:\users\dana\appdata\local\temp\7zs6102\hpdiagnosticcoreui.exe |
"{6CCCC61C-48C9-47B1-B0DA-0C3F18516BB7}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\roxionow\rnow.exe |
"{723028F1-B98D-4B7B-8C10-93145FFE0C8B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{733CADDF-5C99-4A28-9765-63ABD0C35BED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7FDF627F-6899-43DC-AA7E-BB978583EA7A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82FEA30B-C992-4132-B7AC-4F3379D8934B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{858D167D-0F08-423D-95B8-BC894B3A9F77}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8F17312A-63BC-4DF5-8F1B-2894B3198FF6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{94C7D171-9762-4E86-8BC7-0242B23C3A27}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9C8CEB67-6249-46F0-B794-A685C7EBA0FF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A3927822-9288-4A92-B5F0-39D37A1B79C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A5DA2801-3DE0-4190-A0C5-F7FD255297FD}" = dir=in | app=c:\program files (x86)\iminent\iminent.exe |
"{B1F88368-4A63-41B5-8B0D-2D06E78EFC45}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B46FB90E-C60D-4B58-B63F-4D37AD56023B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B5A770C6-4551-4E6A-A7C5-4DF6AFAA0F0B}" = protocol=17 | dir=in | app=c:\users\dana\appdata\local\temp\7zs6102\hpdiagnosticcoreui.exe |
"{B5FEE980-272E-42D9-A538-C87D13AE6289}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\roxionow\indivdrm.exe |
"{B890C4FE-7094-4F30-AC6A-7C3F22274E22}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BBB12BE4-822C-4938-BBA6-A6D3BC0C4933}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BDE5BD5E-1990-4EB0-A518-B231F3424A3F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C2B0318E-F7BE-40D4-A7D1-CA14F2D4B932}" = protocol=17 | dir=in | app=c:\users\dana\appdata\local\temp\7zs131d\hpdiagnosticcoreui.exe |
"{C37CCF1D-1B5B-4A2E-908D-C1BB70ACDA40}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C3B6536C-DF05-4655-A281-E9C2B1F478E0}" = protocol=17 | dir=out | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe |
"{CA09B18C-B172-49FF-BA94-F56C714320BD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CFEA14F4-8623-41AE-8BA0-851C0C3BB63F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D0886AE7-A8D5-42BC-8B33-12692DA308D4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D0D83CA1-848E-440B-AA77-27010974AF52}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{DF2B95E1-60C8-4FC2-94A8-B04DF6276226}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EF18A29D-2710-4877-924D-5A1443A5D32B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EFEB6CB4-B725-4A37-A63B-B4440C0CA513}" = protocol=6 | dir=in | app=c:\users\dana\appdata\local\temp\7zs131d\hpdiagnosticcoreui.exe |
"{F1EEAE9C-B79C-4EA4-B625-964BE1968B82}" = protocol=6 | dir=out | app=system |
"{F244BF37-BB2A-43CD-8A9F-B7C3AE24AC70}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F8134A65-44B7-45A1-8251-558F68BC9471}" = protocol=17 | dir=in | app=c:\users\dana\appdata\local\temp\7zs3d38\hpdiagnosticcoreui.exe |
"{FBB8EB69-43A4-477F-9490-F6DACEDBCD67}" = protocol=6 | dir=out | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe |
"{FCFAACA2-C1C9-4097-AD27-7BD8E3702D26}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{FFAA2012-80E8-4AA9-A9DD-24E7AF7A2C79}" = protocol=6 | dir=in | app=c:\users\dana\appdata\local\temp\7zs3d38\hpdiagnosticcoreui.exe |
"TCP Query User{4B21027C-9F3F-4A51-9C3F-707ED2016074}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"TCP Query User{589907D1-FA5C-4905-81BF-6FF7A10469CE}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"TCP Query User{BB6C9540-DC3A-413B-A028-1B9FD3ACB237}C:\program files (x86)\msgtag\msgtag.exe" = protocol=6 | dir=in | app=c:\program files (x86)\msgtag\msgtag.exe |
"UDP Query User{7AE89E4D-C3FE-4052-9400-F58B14720EBC}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"UDP Query User{AB771A5D-73D0-4990-B90C-1F82BA2F6BEA}C:\program files (x86)\msgtag\msgtag.exe" = protocol=17 | dir=in | app=c:\program files (x86)\msgtag\msgtag.exe |
"UDP Query User{E97D788A-B77D-4E9A-8A44-1E3EFEF68AC3}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}" = WordPerfect IFilter 64 bit
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6032497A-4479-462B-ADB8-A0A372BB9A23}" = HP Application Assistant
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.7
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{85A5A208-1A5A-A736-170E-AA826BC19B2A}" = ATI Catalyst Install Manager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A535111D-95C8-487F-869E-CE4C239972D2}" = iTunes
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D7C661D9-1B9F-5C73-8A77-85A26D9DB78F}" = AMD Media Foundation Decoders
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FEB70794-C52E-5ABC-10EF-8D1022A6A511}" = ccc-utility64
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"CCleaner" = CCleaner
"HP Color LaserJet 2600 series" = HP Color LaserJet 2600 series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}" = WordPerfect Office X5
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01542B68-DCFC-04B9-D105-A5BCDDFA7C34}" = CCC Help Turkish
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}" = HP Clock
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{13EBF9E8-82FF-47D0-A324-534B79EF7F71}" = WordPerfect Office X5 - WT
"{16FC3056-90C0-4757-8A68-64D8DA846ADA}" = Remote Graphics Receiver
"{17737752-8324-7D51-D339-DBA6DE6D2DAA}" = AMD VISION Engine Control Center
"{17C5A285-F7B6-492B-8F3B-343D02B84D75}" = WordPerfect Office X5 - Common
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19B4CD07-1919-4002-B28F-A5D2027026E0}" = WordPerfect Office X5 - IPM
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F0D7D15-8A36-4AE4-8573-70BEA7DF379D}" = WordPerfect Office X5 - Migration Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20714B53-FC73-4F9C-9687-49EB237D6FD7}" = HP TouchSmart RecipeBox
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}" = HP Calendar
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{378BAC91-3AE8-45F0-90E4-4F81E3EAEBC5}" = WordPerfect Office X5 - PR
"{3C986C5A-19DA-2744-9666-15A18FF0C2B9}" = CCC Help Korean
"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers
"{3DB90277-3BA2-52D4-089F-F8A8E9EB3C93}" = CCC Help Hungarian
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4873CC58-69D8-490D-9E5C-001DC2EE2010}" = WordPerfect Lightning - Messages
"{4873CC58-69D8-490D-9E5C-001DC2EE2020}" = WordPerfect Lightning - IPM
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B76743C-E56D-D33F-F7FA-6C3B305502E9}" = CCC Help Russian
"{4C278A1B-D7CA-4F9D-A74D-CB9866EB137A}" = Steganos Password Manager 2012
"{4D090F70-6F08-4B60-9357-A1DFD4458F09}" = Microsoft Mathematics
"{5518148D-3C8D-1C59-86F5-8E3205C4B68E}" = CCC Help French
"{55938E68-F7B3-42B1-9317-60D44067869C}" = ZoneAlarm Antivirus
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61797348-15BD-48EB-8112-ECD390DFA3A3}" = MailWasher
"{64459BD5-3AE8-4689-B7B0-D57B667D8399}" = WordPerfect Office X5 - PerfectExperts EN
"{64F52262-3848-08B6-AE57-48AC337B1ABD}" = CCC Help Italian
"{67ED9603-CB76-4338-B7B0-690FE144C4DA}" = WordPerfect Lightning
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A951F56-EF9B-B3BA-7E9B-7ABDFAD6868F}" = CCC Help Danish
"{6C13C708-FF28-4991-84E6-5526A0EE677B}" = WordPerfect Office X5 - Oxford
"{6E4B1E42-A831-44B4-A705-D006F68560EC}" = WordPerfect Office X5 - Graphics
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D2F8EE-9D45-4D95-A6F6-F6433C2B94B5}" = WordPerfect Office X5 - System EN
"{741006D1-7B2B-4E33-B2B0-831F282EEF64}" = Blio
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E750542-55BC-4300-8B7B-AC2A762FB435}" = HP LinkUp
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{80C1D83D-053C-D801-6961-426E095B7B8D}" = CCC Help Japanese
"{8364E531-493B-4B05-8041-09D5CE38B975}" = HP Weather
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8437B03F-5D2B-A8C6-CF2A-EF77D000D600}" = CCC Help Dutch
"{84A1DD9A-9DCC-FB89-EC55-E4B609C3E328}" = CCC Help Polish
"{850A14FC-F410-47F7-94E4-38F4D3F270D4}" = DriverUpdate
"{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1" = HP Magic Canvas Tutorials
"{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}" = HP Notes
"{86DB98B6-6B43-5C6A-0546-10FA3FF86D20}" = CCC Help Norwegian
"{8AE50893-3A87-4439-9A57-942ED43F7189}" = Facebook
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E9E8E4A-45DC-6AE8-C1A6-9CBB32D97E8F}" = CCC Help Chinese Standard
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{912CED74-88D3-4C5B-ACB0-132318649765}" = PressReader
"{917EAE5D-B43E-FAD4-FEDD-044B860AA91A}" = CCC Help Finnish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{954146E0-49FF-4039-AF58-2257506C7D45}" = ZoneAlarm Firewall
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{980375A3-2C47-E490-B410-0B29EFCF7C4C}" = CCC Help English
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CA3CFD8-6082-231A-D9EE-F09A9342A1A4}" = CCC Help Chinese Traditional
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BE22D4-0F66-455E-9783-1D7113CC6F00}" = Catalyst Control Center - Branding
"{A35E58D6-2A0F-4051-983B-79342081338E}" = HP RSS
"{A6FD1334-FD75-4951-935D-08F8C7E4C6B0}" = WordPerfect Office X5 - Sharepoint
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AD5D7F64-B818-0E00-A852-2A48CF415C02}" = Catalyst Control Center Graphics Previews Common
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B2B7B1C8-7C8B-476C-BE2C-049731C55992}" = HP Support Information
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B62C4524-41B5-4E65-952B-36AEC51E3F55}" = WordPerfect Office X5
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B769E2BD-8A06-4B03-9496-5B991025A2C6}" = ZoneAlarm Security
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{BB27B53A-EBAE-5056-D7E4-295D875B7AA7}" = CCC Help Greek
"{C0E23D8B-C7B9-8BB3-C6EA-23C193F6CA59}" = CCC Help Czech
"{C1259093-7E15-7454-6696-1AF276CEBC1F}" = CCC Help Portuguese
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CD5C6C29-E6CB-4DF3-B45F-A04087B1C294}" = WordPerfect Office X5 - Templates
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4167D08-0F61-4F44-BC3F-26B4960745C4}" = WordPerfect Office X5 - Skins
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5D422B9-6976-4E98-8DDF-9632CB515D7E}" = Dragon NaturallySpeaking 12
"{D7643510-C1AE-44AD-B0F9-0665C4D73BFD}" = WordPerfect Office X5 - LegalTools
"{D8A44325-B409-223A-EC28-898ABFACBBCE}" = CCC Help German
"{DAEDCD3D-B981-4F10-B17B-764753EDAF9F}" = WordPerfect Office X5 - QP
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}" = HP Magic Canvas
"{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}" = WordPerfect Office X5 - Setup Files
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0CAD049-58B6-2A20-0257-C5300E1AD390}" = Catalyst Control Center Localization All
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E539B721-4458-4EFC-8BD0-04D4842051AE}" = Wordperfect Office X5 - EN
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E67732DE-3387-4F1E-BDDA-2D0C08BC025B}" = WordPerfect Office X5 - Filters
"{E800AF2C-A63D-52F2-4AF5-7D31B1BC87C8}" = CCC Help Thai
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EB298FF1-6F2E-56A6-CB3D-8A174D2FE011}" = CCC Help Spanish
"{EB2DABBE-051B-764D-5CC2-428923F80789}" = CCC Help Swedish
"{EC61C6D9-159B-4B14-AAF3-AF33FCFA50DD}" = WordPerfect Office X5 - WP
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
"{F6EE49FD-B736-4888-A05A-115F3B1160FA}" = WordPerfect Lightning - MSOM
"{F89BADB0-D319-470E-8024-443EE3A3402B}" = TSHostedAppLauncher
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE678BB2-C794-65F3-1D4F-DB5173C66986}" = Catalyst Control Center InstallProxy
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Digital Editions" = Adobe Digital Editions
"DMUninstaller" = DMUninstaller
"ERUNT_is1" = ERUNT 1.1j
"ESET Online Scanner" = ESET Online Scanner v3
"Foxit Reader_is1" = Foxit Reader
"HP PrecisionScan" = HP PrecisionScan
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.0.0 (Standard)
"Kobo" = Kobo
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 25.0 (x86 en-US)" = Mozilla Firefox 25.0 (x86 en-US)
"Mozilla Thunderbird 24.1.0 (x86 en-US)" = Mozilla Thunderbird 24.1.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSGTAG_is1" = MSGTAG
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Office14.STANDARD" = Microsoft Office Standard 2010
"PaperPort 7.01" = PaperPort 7.01
"PDF Complete" = PDF Complete Special Edition
"WinLiveSuite" = Windows Live Essentials
"WTA-0a717b7b-4771-41ad-a9a0-52e444bb6583" = Poker Superstars III
"WTA-189fc852-deac-4f12-abcf-bbc4e71f4dfa" = Blackhawk Striker 2
"WTA-19891684-5029-423d-a074-fd172fa4274c" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
"WTA-356af93f-b244-4827-85fa-54af9ccc8e25" = Plants vs. Zombies - Game of the Year
"WTA-48cdac78-ed42-42ed-b2fb-c245fb50cd15" = Polar Golfer
"WTA-4b531e2e-5901-44c3-afde-224db3f54d16" = Torchlight
"WTA-5b4cfe24-73ae-4b01-be1e-346d0ce8c697" = FATE
"WTA-6288c172-caee-47d8-9aa9-434cb518b2e2" = John Deere Drive Green
"WTA-674d798d-cf01-42ef-a581-c4cbb3574f71" = Dora's World Adventure
"WTA-68a1a85c-e2a7-411d-8a0b-343211646daf" = Zuma's Revenge
"WTA-70149a81-7af9-4c46-8a85-43852c1791ae" = Penguins!
"WTA-7074cff4-2c3e-47d7-b6fe-b7d1cb0313cf" = Luxor HD
"WTA-7def4485-6846-400a-9503-d0c703b678bf" = Bejeweled 3
"WTA-9830161f-ea5e-4965-9399-4e96cbf1a5b3" = Virtual Villagers 4 - The Tree of Life
"WTA-aea1d60e-e5db-46e5-98f3-8c0cf3b1b0de" = Farmscapes
"WTA-b5ecded0-ad05-4f2c-b384-64c5ab4138a2" = The Treasures of Mystery Island: The Ghost Ship
"WTA-c23b2654-72bb-4881-91d2-4e30c4dee0a3" = Farm Frenzy
"WTA-c2aaa789-7eef-48c4-8dd3-dcf61439ec4c" = Final Drive Fury
"WTA-d4d4e2d4-97c2-41dd-b1dd-e4bf0a71f565" = Polar Bowler
"WTA-d6acc483-40c3-4891-941b-c8f51399b73e" = Cradle of Rome 2
"WTA-dffed259-b297-4bb8-a1bd-b8de9c25d430" = Jewel Match 3
"WTA-eaee7b4b-7935-4ae7-be96-241512996f1d" = Chuzzle Deluxe
"WTA-eb1aaafb-aeb7-4a3f-8590-9952b5c05dc1" = Mah Jong Medley
"WTA-ebecea0f-8797-45a6-9b5c-eb485ceea2b8" = RollerCoaster Tycoon 3: Platinum
"WTA-f0fca55b-ec2c-4e73-b303-acc6ce9fd569" = Hoyle Card Games
"WTA-ffef9c83-f0ec-435d-a629-212cb99b6c79" = Letters from Nowhere 2
"ZinioReader4" = Zinio Reader 4
"ZoneAlarm Free Antivirus + Firewall" = ZoneAlarm Free Antivirus + Firewall
"ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-899990179-4107465522-2500062467-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Zip Extractor Packages" = Zip Extractor Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/26/2013 7:37:47 PM | Computer Name = Dana-HP | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\dragon_support_packager.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 11/26/2013 7:38:43 PM | Computer Name = Dana-HP | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 11/26/2013 7:40:16 PM | Computer Name = Dana-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 11/27/2013 3:35:37 AM | Computer Name = Dana-HP | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\dragon_support_packager.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 11/27/2013 3:39:01 AM | Computer Name = Dana-HP | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 11/27/2013 3:46:03 AM | Computer Name = Dana-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

[ Hewlett-Packard Events ]
Error - 7/28/2012 8:55:22 PM | Computer Name = Dana-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 7/28/2012 8:55:25 PM | Computer Name = Dana-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 8/12/2012 1:47:57 PM | Computer Name = Dana-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/fcb3ede9_9df3_4432_a208_28bea27e9e61/7klzohc7zk+tag8tzthpzmlx_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3686 Ram Utilization: 40 TargetSite: Void UpdateDetail(System.String)

Error - 8/18/2012 7:32:49 PM | Computer Name = Dana-HP | Source = hpsa_service.exe | ID = 2000
Description =

Error - 10/25/2012 12:11:28 PM | Computer Name = Dana-HP | Source = HPSFMsgr.exe | ID = 2000
Description = HP Error ID: -2147467261 at HPSA_Messenger.MessengerManager.CommonMessengerStatusTask.SetWMISysInformation()
Message:
Object reference not set to an instance of an object. StackTrace: at HPSA_Messenger.MessengerManager.CommonMessengerStatusTask.SetWMISysInformation()
Source:
HPSFMsgr Name: HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: en-US RAM: 3686 Ram
Utilization: 40 TargetSite: Void SetWMISysInformation()

Error - 11/4/2012 12:02:06 AM | Computer Name = Dana-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 11/12/2012 5:17:53 PM | Computer Name = Dana-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()

at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 3686 Ram Utilization: 40 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

Error - 12/16/2012 12:08:47 AM | Computer Name = Dana-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 12/22/2012 8:53:54 PM | Computer Name = Dana-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 12/22/2012 8:53:54 PM | Computer Name = Dana-HP | Source = HPSF.exe | ID = 4000
Description =

[ HP Software Framework Events ]
Error - 11/11/2013 6:47:51 AM | Computer Name = Dana-HP | Source = CaslSmBios | ID = 5
Description = 2013/11/11 03:47:51.145|00000760|Error |[CaslWmi]CommandDiags::C{bool()}|Error,
eRet: 597

Error - 11/11/2013 6:47:52 AM | Computer Name = Dana-HP | Source = CaslSmBios | ID = 5
Description = 2013/11/11 03:47:52.737|00000760|Error |[CaslWmi]CommandDiags::C{bool()}|Error,
eRet: 597

Error - 11/11/2013 6:47:54 AM | Computer Name = Dana-HP | Source = CaslSmBios | ID = 5
Description = 2013/11/11 03:47:54.328|00000760|Error |[CaslWmi]CommandDiags::C{bool()}|Error,
eRet: 597

Error - 11/11/2013 6:47:55 AM | Computer Name = Dana-HP | Source = CaslSmBios | ID = 5
Description = 2013/11/11 03:47:55.903|00000760|Error |[CaslWmi]CommandDiags::C{bool()}|Error,
eRet: 597

Error - 11/11/2013 6:47:57 AM | Computer Name = Dana-HP | Source = CaslSmBios | ID = 5
Description = 2013/11/11 03:47:57.495|00000760|Error |[CaslWmi]CommandDiags::C{bool()}|Error,
eRet: 597

Error - 11/11/2013 6:47:59 AM | Computer Name = Dana-HP | Source = CaslSmBios | ID = 5
Description = 2013/11/11 03:47:59.070|00000760|Error |[CaslWmi]CommandDiags::C{bool()}|Error,
eRet: 597

Error - 11/11/2013 6:48:00 AM | Computer Name = Dana-HP | Source = CaslSmBios | ID = 5
Description = 2013/11/11 03:48:00.661|00000760|Error |[CaslWmi]CommandDiags::C{bool()}|Error,
eRet: 597

Error - 11/11/2013 6:48:03 AM | Computer Name = Dana-HP | Source = CaslSmBios | ID = 5
Description = 2013/11/11 03:48:03.813|00000760|Error |[CaslWmi]CommandDiags::C{bool()}|Error,
eRet: 597

Error - 11/11/2013 6:48:05 AM | Computer Name = Dana-HP | Source = CaslSmBios | ID = 5
Description = 2013/11/11 03:48:05.404|00000760|Error |[CaslWmi]CommandDiags::A{hpCasl.enReturnCode(System.DateTime&)}|Error
executing wmiBIOS.ExecMethodClient, eRetCode: 597

Error - 11/11/2013 6:48:06 AM | Computer Name = Dana-HP | Source = CaslSmBios | ID = 5
Description = 2013/11/11 03:48:06.995|00000760|Error |[CaslWmi]CommandDiags::C{bool()}|Error,
eRet: 597

[ System Events ]
Error - 11/26/2013 8:23:39 PM | Computer Name = Dana-HP | Source = DCOM | ID = 10010
Description =

Error - 11/26/2013 9:34:38 PM | Computer Name = Dana-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80242016: Cumulative Security Update for Internet Explorer 10 for
Windows 7 Service Pack 1 for x64-based Systems (KB2888505).

Error - 11/26/2013 10:08:41 PM | Computer Name = Dana-HP | Source = Service Control Manager | ID = 7031
Description = The ZoneAlarm Privacy Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.


< End of report >
 
Hi,

Open OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    Code: 
    :OTL
[2013/11/11 18:31:05 | 000,449,836 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20131111-183805.backup

:Services

:Reg

:Files
ipconfig /flushdns /c


:Commands
[purity]
[resethosts]
[EMPTYJAVA] 
[emptytemp]
[start explorer]
[Reboot]
  • Then click the Run Fix button at the top. <--Not run Scan
  • Let the program run unhindered, reboot when it is done
  • Then post the results of the log it produces
 
OTL Fix log

11272013_134905

All processes killed
========== OTL ==========
C:\Windows\SysNative\drivers\etc\hosts.20131111-183805.backup moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Dana\Desktop\cmd.bat deleted successfully.
C:\Users\Dana\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYJAVA]

User: All Users

User: Dana
->Java cache emptied: 45946 bytes

User: Default

User: Default User

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Dana
->Temp folder emptied: 2590434 bytes
->Temporary Internet Files folder emptied: 10853863 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 87496131 bytes
->Google Chrome cache emptied: 11628060 bytes
->Flash cache emptied: 177293 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6104723 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42327954 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 154.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11272013_134905

Files\Folders moved on Reboot...
C:\Users\Dana\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Dana\AppData\Local\Temp\~DFF9FA566F1019ACF3.TMP moved successfully.
C:\Users\Dana\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\ZLT011e5.TMP moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 
Looks good

Great!

Just get a 'User Account Control' popup on startup
Program: Update.exe
Publisher: Unknown
I think it is to run the SuperAntiSpyware popup notification that appears in lower right on startup
(That popup has not appeared, but I have not clicked 'Allow' )

Definitely running better than last week, and seems to be running better than before DOSEARCHES took over the browsers.


Thanks!
 
Lets check that update file and make sure its ok

You will need the 64 Bit version of this program

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
64 Bit Version

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code: 
    :filefind
Update.exe
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
 
Status
Not open for further replies.
Back
Top